google-api-client 0.42.1 → 0.42.2

data/generated/google/apis/cloudresourcemanager_v1beta1/service.rb

@@ -51,11 +51,11 @@ module Google
         # Fetches an Organization resource identified by the specified resource name.
         # @param [String] name
         #   The resource name of the Organization to fetch. This is the organization's
-        #   relative path in the API, formatted as "organizations/[organizationId]".
-        #   For example, "organizations/1234".
+        #   relative path in the API, formatted as "organizations/[organizationId]". For
+        #   example, "organizations/1234".
         # @param [String] organization_id
-        #   The id of the Organization resource to fetch.
-        #   This field is deprecated and will be removed in v1. Use name instead.
+        #   The id of the Organization resource to fetch. This field is deprecated and
+        #   will be removed in v1. Use name instead.
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
         # @param [String] quota_user
@@ -84,12 +84,12 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Gets the access control policy for an Organization resource. May be empty
-        # if no such policy or resource exists. The `resource` field should be the
+        # Gets the access control policy for an Organization resource. May be empty if
+        # no such policy or resource exists. The `resource` field should be the
         # organization's resource name, e.g. "organizations/123".
         # @param [String] resource
-        #   REQUIRED: The resource for which the policy is being requested.
-        #   See the operation documentation for the appropriate value for this field.
+        #   REQUIRED: The resource for which the policy is being requested. See the
+        #   operation documentation for the appropriate value for this field.
         # @param [Google::Apis::CloudresourcemanagerV1beta1::GetIamPolicyRequest] get_iam_policy_request_object
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
@@ -120,26 +120,23 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Lists Organization resources that are visible to the user and satisfy
-        # the specified filter. This method returns Organizations in an unspecified
-        # order. New Organizations do not necessarily appear at the end of the list.
+        # Lists Organization resources that are visible to the user and satisfy the
+        # specified filter. This method returns Organizations in an unspecified order.
+        # New Organizations do not necessarily appear at the end of the list.
         # @param [String] filter
-        #   An optional query string used to filter the Organizations to return in
-        #   the response. Filter rules are case-insensitive.
-        #   Organizations may be filtered by `owner.directoryCustomerId` or by
-        #   `domain`, where the domain is a G Suite domain, for example:
-        #   * Filter `owner.directorycustomerid:123456789` returns Organization
-        #   resources with `owner.directory_customer_id` equal to `123456789`.
-        #   * Filter `domain:google.com` returns Organization resources corresponding
-        #   to the domain `google.com`.
-        #   This field is optional.
+        #   An optional query string used to filter the Organizations to return in the
+        #   response. Filter rules are case-insensitive. Organizations may be filtered by `
+        #   owner.directoryCustomerId` or by `domain`, where the domain is a G Suite
+        #   domain, for example: * Filter `owner.directorycustomerid:123456789` returns
+        #   Organization resources with `owner.directory_customer_id` equal to `123456789`.
+        #   * Filter `domain:google.com` returns Organization resources corresponding to
+        #   the domain `google.com`. This field is optional.
         # @param [Fixnum] page_size
-        #   The maximum number of Organizations to return in the response.
-        #   This field is optional.
+        #   The maximum number of Organizations to return in the response. This field is
+        #   optional.
         # @param [String] page_token
-        #   A pagination token returned from a previous call to `ListOrganizations`
-        #   that indicates from where listing should continue.
-        #   This field is optional.
+        #   A pagination token returned from a previous call to `ListOrganizations` that
+        #   indicates from where listing should continue. This field is optional.
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
         # @param [String] quota_user
@@ -173,8 +170,8 @@ module Google
         # existing policy. The `resource` field should be the organization's resource
         # name, e.g. "organizations/123".
         # @param [String] resource
-        #   REQUIRED: The resource for which the policy is being specified.
-        #   See the operation documentation for the appropriate value for this field.
+        #   REQUIRED: The resource for which the policy is being specified. See the
+        #   operation documentation for the appropriate value for this field.
         # @param [Google::Apis::CloudresourcemanagerV1beta1::SetIamPolicyRequest] set_iam_policy_request_object
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
@@ -205,12 +202,12 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Returns permissions that a caller has on the specified Organization.
-        # The `resource` field should be the organization's resource name,
-        # e.g. "organizations/123".
+        # Returns permissions that a caller has on the specified Organization. The `
+        # resource` field should be the organization's resource name, e.g. "
+        # organizations/123".
         # @param [String] resource
-        #   REQUIRED: The resource for which the policy detail is being requested.
-        #   See the operation documentation for the appropriate value for this field.
+        #   REQUIRED: The resource for which the policy detail is being requested. See the
+        #   operation documentation for the appropriate value for this field.
         # @param [Google::Apis::CloudresourcemanagerV1beta1::TestIamPermissionsRequest] test_iam_permissions_request_object
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
@@ -243,9 +240,9 @@ module Google
         
         # Updates an Organization resource identified by the specified resource name.
         # @param [String] name
-        #   Output only. The resource name of the organization. This is the
-        #   organization's relative path in the API. Its format is
-        #   "organizations/[organization_id]". For example, "organizations/1234".
+        #   Output only. The resource name of the organization. This is the organization's
+        #   relative path in the API. Its format is "organizations/[organization_id]". For
+        #   example, "organizations/1234".
         # @param [Google::Apis::CloudresourcemanagerV1beta1::Organization] organization_object
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
@@ -276,18 +273,15 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Creates a Project resource.
-        # Initially, the Project resource is owned by its creator exclusively.
-        # The creator can later grant permission to others to read or update the
-        # Project.
-        # Several APIs are activated automatically for the Project, including
-        # Google Cloud Storage. The parent is identified by a specified
-        # ResourceId, which must include both an ID and a type, such as
-        # project, folder, or organization.
-        # This method does not associate the new project with a billing account.
-        # You can set or update the billing account associated with a project using
-        # the [`projects.updateBillingInfo`]
-        # (/billing/reference/rest/v1/projects/updateBillingInfo) method.
+        # Creates a Project resource. Initially, the Project resource is owned by its
+        # creator exclusively. The creator can later grant permission to others to read
+        # or update the Project. Several APIs are activated automatically for the
+        # Project, including Google Cloud Storage. The parent is identified by a
+        # specified ResourceId, which must include both an ID and a type, such as
+        # project, folder, or organization. This method does not associate the new
+        # project with a billing account. You can set or update the billing account
+        # associated with a project using the [`projects.updateBillingInfo`] (/billing/
+        # reference/rest/v1/projects/updateBillingInfo) method.
         # @param [Google::Apis::CloudresourcemanagerV1beta1::Project] project_object
         # @param [Boolean] use_legacy_stack
         #   A now unused experiment opt-out option.
@@ -320,27 +314,18 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Marks the Project identified by the specified
-        # `project_id` (for example, `my-project-123`) for deletion.
-        # This method will only affect the Project if it has a lifecycle state of
-        # ACTIVE.
-        # This method changes the Project's lifecycle state from
-        # ACTIVE
-        # to DELETE_REQUESTED.
-        # The deletion starts at an unspecified time, at which point the project is
-        # no longer accessible.
-        # Until the deletion completes, you can check the lifecycle state
-        # checked by retrieving the Project with GetProject,
-        # and the Project remains visible to ListProjects.
-        # However, you cannot update the project.
-        # After the deletion completes, the Project is not retrievable by
-        # the  GetProject
-        # and ListProjects
-        # methods.
-        # The caller must have modify permissions for this Project.
+        # Marks the Project identified by the specified `project_id` (for example, `my-
+        # project-123`) for deletion. This method will only affect the Project if it has
+        # a lifecycle state of ACTIVE. This method changes the Project's lifecycle state
+        # from ACTIVE to DELETE_REQUESTED. The deletion starts at an unspecified time,
+        # at which point the project is no longer accessible. Until the deletion
+        # completes, you can check the lifecycle state checked by retrieving the Project
+        # with GetProject, and the Project remains visible to ListProjects. However, you
+        # cannot update the project. After the deletion completes, the Project is not
+        # retrievable by the GetProject and ListProjects methods. The caller must have
+        # modify permissions for this Project.
         # @param [String] project_id
-        #   The Project ID (for example, `foo-bar-123`).
-        #   Required.
+        #   The Project ID (for example, `foo-bar-123`). Required.
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
         # @param [String] quota_user
@@ -368,12 +353,10 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Retrieves the Project identified by the specified
-        # `project_id` (for example, `my-project-123`).
-        # The caller must have read permissions for this Project.
+        # Retrieves the Project identified by the specified `project_id` (for example, `
+        # my-project-123`). The caller must have read permissions for this Project.
         # @param [String] project_id
-        #   The Project ID (for example, `my-project-123`).
-        #   Required.
+        #   The Project ID (for example, `my-project-123`). Required.
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
         # @param [String] quota_user
@@ -401,12 +384,11 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Gets a list of ancestors in the resource hierarchy for the Project
-        # identified by the specified `project_id` (for example, `my-project-123`).
-        # The caller must have read permissions for this Project.
+        # Gets a list of ancestors in the resource hierarchy for the Project identified
+        # by the specified `project_id` (for example, `my-project-123`). The caller must
+        # have read permissions for this Project.
         # @param [String] project_id
-        #   The Project ID (for example, `my-project-123`).
-        #   Required.
+        #   The Project ID (for example, `my-project-123`). Required.
         # @param [Google::Apis::CloudresourcemanagerV1beta1::GetAncestryRequest] get_ancestry_request_object
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
@@ -437,13 +419,13 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Returns the IAM access control policy for the specified Project.
-        # Permission is denied if the policy or the resource does not exist.
-        # For additional information about resource structure and identification,
-        # see [Resource Names](/apis/design/resource_names).
+        # Returns the IAM access control policy for the specified Project. Permission is
+        # denied if the policy or the resource does not exist. For additional
+        # information about resource structure and identification, see [Resource Names](/
+        # apis/design/resource_names).
         # @param [String] resource
-        #   REQUIRED: The resource for which the policy is being requested.
-        #   See the operation documentation for the appropriate value for this field.
+        #   REQUIRED: The resource for which the policy is being requested. See the
+        #   operation documentation for the appropriate value for this field.
         # @param [Google::Apis::CloudresourcemanagerV1beta1::GetIamPolicyRequest] get_iam_policy_request_object
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
@@ -475,56 +457,42 @@ module Google
         end
         
         # Lists Projects that the caller has the `resourcemanager.projects.get`
-        # permission on and satisfy the specified filter.
-        # This method returns Projects in an unspecified order.
-        # This method is eventually consistent with project mutations; this means
-        # that a newly created project may not appear in the results or recent
-        # updates to an existing project may not be reflected in the results. To
-        # retrieve the latest state of a project, use the
-        # GetProject method.
-        # NOTE: If the request filter contains a `parent.type` and `parent.id` and
-        # the caller has the `resourcemanager.projects.list` permission on the
-        # parent, the results will be drawn from an alternate index which provides
-        # more consistent results. In future versions of this API, this List method
-        # will be split into List and Search to properly capture the behavorial
-        # difference.
+        # permission on and satisfy the specified filter. This method returns Projects
+        # in an unspecified order. This method is eventually consistent with project
+        # mutations; this means that a newly created project may not appear in the
+        # results or recent updates to an existing project may not be reflected in the
+        # results. To retrieve the latest state of a project, use the GetProject method.
+        # NOTE: If the request filter contains a `parent.type` and `parent.id` and the
+        # caller has the `resourcemanager.projects.list` permission on the parent, the
+        # results will be drawn from an alternate index which provides more consistent
+        # results. In future versions of this API, this List method will be split into
+        # List and Search to properly capture the behavorial difference.
         # @param [String] filter
-        #   An expression for filtering the results of the request.  Filter rules are
-        #   case insensitive. The fields eligible for filtering are:
-        #   + `name`
-        #   + `id`
-        #   + `labels.<key>` (where *key* is the name of a label)
-        #   + `parent.type`
-        #   + `parent.id`
-        #   Some examples of using labels as filters:
-        #   | Filter           | Description                                         |
-        #   |------------------|-----------------------------------------------------|
-        #   | name:how*        | The project's name starts with "how".               |
-        #   | name:Howl        | The project's name is `Howl` or `howl`.             |
-        #   | name:HOWL        | Equivalent to above.                                |
-        #   | NAME:howl        | Equivalent to above.                                |
-        #   | labels.color:*   | The project has the label `color`.                  |
-        #   | labels.color:red | The project's label `color` has the value `red`.    |
-        #   | labels.color:red&nbsp;labels.size:big |The project's label `color` has
-        #   the value `red` and its label `size` has the value `big`.              |
-        #   If no filter is specified, the call will return projects for which the user
-        #   has the `resourcemanager.projects.get` permission.
-        #   NOTE: To perform a by-parent query (eg., what projects are directly in a
-        #   Folder), the caller must have the `resourcemanager.projects.list`
-        #   permission on the parent and the filter must contain both a `parent.type`
-        #   and a `parent.id` restriction
-        #   (example: "parent.type:folder parent.id:123"). In this case an alternate
-        #   search index is used which provides more consistent results.
-        #   Optional.
+        #   An expression for filtering the results of the request. Filter rules are case
+        #   insensitive. The fields eligible for filtering are: + `name` + `id` + `labels.`
+        #   (where *key* is the name of a label) + `parent.type` + `parent.id` Some
+        #   examples of using labels as filters: | Filter | Description | |----------------
+        #   --|-----------------------------------------------------| | name:how* | The
+        #   project's name starts with "how". | | name:Howl | The project's name is `Howl`
+        #   or `howl`. | | name:HOWL | Equivalent to above. | | NAME:howl | Equivalent to
+        #   above. | | labels.color:* | The project has the label `color`. | | labels.
+        #   color:red | The project's label `color` has the value `red`. | | labels.color:
+        #   red labels.size:big |The project's label `color` has the value `red` and its
+        #   label `size` has the value `big`. | If no filter is specified, the call will
+        #   return projects for which the user has the `resourcemanager.projects.get`
+        #   permission. NOTE: To perform a by-parent query (eg., what projects are
+        #   directly in a Folder), the caller must have the `resourcemanager.projects.list`
+        #   permission on the parent and the filter must contain both a `parent.type` and
+        #   a `parent.id` restriction (example: "parent.type:folder parent.id:123"). In
+        #   this case an alternate search index is used which provides more consistent
+        #   results. Optional.
         # @param [Fixnum] page_size
-        #   The maximum number of Projects to return in the response.
-        #   The server can return fewer Projects than requested.
-        #   If unspecified, server picks an appropriate default.
-        #   Optional.
+        #   The maximum number of Projects to return in the response. The server can
+        #   return fewer Projects than requested. If unspecified, server picks an
+        #   appropriate default. Optional.
         # @param [String] page_token
-        #   A pagination token returned from a previous call to ListProjects
-        #   that indicates from where listing should continue.
-        #   Optional.
+        #   A pagination token returned from a previous call to ListProjects that
+        #   indicates from where listing should continue. Optional.
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
         # @param [String] quota_user
@@ -554,42 +522,36 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Sets the IAM access control policy for the specified Project.
-        # CAUTION: This method will replace the existing policy, and cannot be used
-        # to append additional IAM settings.
-        # NOTE: Removing service accounts from policies or changing their roles can
-        # render services completely inoperable. It is important to understand how
-        # the service account is being used before removing or updating its roles.
-        # The following constraints apply when using `setIamPolicy()`:
-        # + Project does not support `allUsers` and `allAuthenticatedUsers` as
-        # `members` in a `Binding` of a `Policy`.
-        # + The owner role can be granted to a `user`, `serviceAccount`, or a group
-        # that is part of an organization. For example,
-        # group@myownpersonaldomain.com could be added as an owner to a project in
-        # the myownpersonaldomain.com organization, but not the examplepetstore.com
-        # organization.
-        # + Service accounts can be made owners of a project directly
-        # without any restrictions. However, to be added as an owner, a user must be
-        # invited via Cloud Platform console and must accept the invitation.
+        # Sets the IAM access control policy for the specified Project. CAUTION: This
+        # method will replace the existing policy, and cannot be used to append
+        # additional IAM settings. NOTE: Removing service accounts from policies or
+        # changing their roles can render services completely inoperable. It is
+        # important to understand how the service account is being used before removing
+        # or updating its roles. The following constraints apply when using `
+        # setIamPolicy()`: + Project does not support `allUsers` and `
+        # allAuthenticatedUsers` as `members` in a `Binding` of a `Policy`. + The owner
+        # role can be granted to a `user`, `serviceAccount`, or a group that is part of
+        # an organization. For example, group@myownpersonaldomain.com could be added as
+        # an owner to a project in the myownpersonaldomain.com organization, but not the
+        # examplepetstore.com organization. + Service accounts can be made owners of a
+        # project directly without any restrictions. However, to be added as an owner, a
+        # user must be invited via Cloud Platform console and must accept the invitation.
         # + A user cannot be granted the owner role using `setIamPolicy()`. The user
         # must be granted the owner role using the Cloud Platform Console and must
-        # explicitly accept the invitation.
-        # + Invitations to grant the owner role cannot be sent using
-        # `setIamPolicy()`; they must be sent only using the Cloud Platform Console.
-        # + Membership changes that leave the project without any owners that have
-        # accepted the Terms of Service (ToS) will be rejected.
-        # + If the project is not part of an organization, there must be at least
-        # one owner who has accepted the Terms of Service (ToS) agreement in the
-        # policy. Calling `setIamPolicy()` to remove the last ToS-accepted owner
-        # from the policy will fail. This restriction also applies to legacy
-        # projects that no longer have owners who have accepted the ToS. Edits to
-        # IAM policies will be rejected until the lack of a ToS-accepting owner is
-        # rectified.
-        # Authorization requires the Google IAM permission
-        # `resourcemanager.projects.setIamPolicy` on the project
+        # explicitly accept the invitation. + Invitations to grant the owner role cannot
+        # be sent using `setIamPolicy()`; they must be sent only using the Cloud
+        # Platform Console. + Membership changes that leave the project without any
+        # owners that have accepted the Terms of Service (ToS) will be rejected. + If
+        # the project is not part of an organization, there must be at least one owner
+        # who has accepted the Terms of Service (ToS) agreement in the policy. Calling `
+        # setIamPolicy()` to remove the last ToS-accepted owner from the policy will
+        # fail. This restriction also applies to legacy projects that no longer have
+        # owners who have accepted the ToS. Edits to IAM policies will be rejected until
+        # the lack of a ToS-accepting owner is rectified. Authorization requires the
+        # Google IAM permission `resourcemanager.projects.setIamPolicy` on the project
         # @param [String] resource
-        #   REQUIRED: The resource for which the policy is being specified.
-        #   See the operation documentation for the appropriate value for this field.
+        #   REQUIRED: The resource for which the policy is being specified. See the
+        #   operation documentation for the appropriate value for this field.
         # @param [Google::Apis::CloudresourcemanagerV1beta1::SetIamPolicyRequest] set_iam_policy_request_object
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
@@ -622,8 +584,8 @@ module Google
         
         # Returns permissions that a caller has on the specified Project.
         # @param [String] resource
-        #   REQUIRED: The resource for which the policy detail is being requested.
-        #   See the operation documentation for the appropriate value for this field.
+        #   REQUIRED: The resource for which the policy detail is being requested. See the
+        #   operation documentation for the appropriate value for this field.
         # @param [Google::Apis::CloudresourcemanagerV1beta1::TestIamPermissionsRequest] test_iam_permissions_request_object
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
@@ -654,15 +616,12 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Restores the Project identified by the specified
-        # `project_id` (for example, `my-project-123`).
-        # You can only use this method for a Project that has a lifecycle state of
-        # DELETE_REQUESTED.
-        # After deletion starts, the Project cannot be restored.
-        # The caller must have modify permissions for this Project.
+        # Restores the Project identified by the specified `project_id` (for example, `
+        # my-project-123`). You can only use this method for a Project that has a
+        # lifecycle state of DELETE_REQUESTED. After deletion starts, the Project cannot
+        # be restored. The caller must have modify permissions for this Project.
         # @param [String] project_id
-        #   The project ID (for example, `foo-bar-123`).
-        #   Required.
+        #   The project ID (for example, `foo-bar-123`). Required.
         # @param [Google::Apis::CloudresourcemanagerV1beta1::UndeleteProjectRequest] undelete_project_request_object
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
@@ -693,12 +652,11 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Updates the attributes of the Project identified by the specified
-        # `project_id` (for example, `my-project-123`).
-        # The caller must have modify permissions for this Project.
+        # Updates the attributes of the Project identified by the specified `project_id`
+        # (for example, `my-project-123`). The caller must have modify permissions for
+        # this Project.
         # @param [String] project_id
-        #   The project ID (for example, `my-project-123`).
-        #   Required.
+        #   The project ID (for example, `my-project-123`). Required.
         # @param [Google::Apis::CloudresourcemanagerV1beta1::Project] project_object
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.

data/generated/google/apis/cloudresourcemanager_v2.rb

@@ -26,7 +26,7 @@ module Google
     # @see https://cloud.google.com/resource-manager
     module CloudresourcemanagerV2
       VERSION = 'V2'
-      REVISION = '20200617'
+      REVISION = '20200720'
 
       # View and manage your data across Google Cloud Platform services
       AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'

data/generated/google/apis/cloudresourcemanager_v2/classes.rb

@@ -22,53 +22,21 @@ module Google
   module Apis
     module CloudresourcemanagerV2
       
-      # Specifies the audit configuration for a service.
-      # The configuration determines which permission types are logged, and what
-      # identities, if any, are exempted from logging.
-      # An AuditConfig must have one or more AuditLogConfigs.
-      # If there are AuditConfigs for both `allServices` and a specific service,
-      # the union of the two AuditConfigs is used for that service: the log_types
-      # specified in each AuditConfig are enabled, and the exempted_members in each
-      # AuditLogConfig are exempted.
-      # Example Policy with multiple AuditConfigs:
-      # `
-      # "audit_configs": [
-      # `
-      # "service": "allServices",
-      # "audit_log_configs": [
-      # `
-      # "log_type": "DATA_READ",
-      # "exempted_members": [
-      # "user:jose@example.com"
-      # ]
-      # `,
-      # `
-      # "log_type": "DATA_WRITE"
-      # `,
-      # `
-      # "log_type": "ADMIN_READ"
-      # `
-      # ]
-      # `,
-      # `
-      # "service": "sampleservice.googleapis.com",
-      # "audit_log_configs": [
-      # `
-      # "log_type": "DATA_READ"
-      # `,
-      # `
-      # "log_type": "DATA_WRITE",
-      # "exempted_members": [
-      # "user:aliya@example.com"
-      # ]
-      # `
-      # ]
-      # `
-      # ]
-      # `
-      # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
-      # logging. It also exempts jose@example.com from DATA_READ logging, and
-      # aliya@example.com from DATA_WRITE logging.
+      # Specifies the audit configuration for a service. The configuration determines
+      # which permission types are logged, and what identities, if any, are exempted
+      # from logging. An AuditConfig must have one or more AuditLogConfigs. If there
+      # are AuditConfigs for both `allServices` and a specific service, the union of
+      # the two AuditConfigs is used for that service: the log_types specified in each
+      # AuditConfig are enabled, and the exempted_members in each AuditLogConfig are
+      # exempted. Example Policy with multiple AuditConfigs: ` "audit_configs": [ ` "
+      # service": "allServices", "audit_log_configs": [ ` "log_type": "DATA_READ", "
+      # exempted_members": [ "user:jose@example.com" ] `, ` "log_type": "DATA_WRITE" `,
+      # ` "log_type": "ADMIN_READ" ` ] `, ` "service": "sampleservice.googleapis.com",
+      # "audit_log_configs": [ ` "log_type": "DATA_READ" `, ` "log_type": "DATA_WRITE"
+      # , "exempted_members": [ "user:aliya@example.com" ] ` ] ` ] ` For sampleservice,
+      # this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also
+      # exempts jose@example.com from DATA_READ logging, and aliya@example.com from
+      # DATA_WRITE logging.
       class AuditConfig
         include Google::Apis::Core::Hashable
       
@@ -77,9 +45,9 @@ module Google
         # @return [Array<Google::Apis::CloudresourcemanagerV2::AuditLogConfig>]
         attr_accessor :audit_log_configs
       
-        # Specifies a service that will be enabled for audit logging.
-        # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
-        # `allServices` is a special value that covers all services.
+        # Specifies a service that will be enabled for audit logging. For example, `
+        # storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special
+        # value that covers all services.
         # Corresponds to the JSON property `service`
         # @return [String]
         attr_accessor :service
@@ -95,28 +63,15 @@ module Google
         end
       end
       
-      # Provides the configuration for logging a type of permissions.
-      # Example:
-      # `
-      # "audit_log_configs": [
-      # `
-      # "log_type": "DATA_READ",
-      # "exempted_members": [
-      # "user:jose@example.com"
-      # ]
-      # `,
-      # `
-      # "log_type": "DATA_WRITE"
-      # `
-      # ]
-      # `
-      # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
-      # jose@example.com from DATA_READ logging.
+      # Provides the configuration for logging a type of permissions. Example: ` "
+      # audit_log_configs": [ ` "log_type": "DATA_READ", "exempted_members": [ "user:
+      # jose@example.com" ] `, ` "log_type": "DATA_WRITE" ` ] ` This enables '
+      # DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from
+      # DATA_READ logging.
       class AuditLogConfig
         include Google::Apis::Core::Hashable
       
-        # Specifies the identities that do not cause logging for this type of
-        # permission.
+        # Specifies the identities that do not cause logging for this type of permission.
         # Follows the same format of Binding.members.
         # Corresponds to the JSON property `exemptedMembers`
         # @return [Array<String>]
@@ -142,69 +97,57 @@ module Google
       class Binding
         include Google::Apis::Core::Hashable
       
-        # Represents a textual expression in the Common Expression Language (CEL)
-        # syntax. CEL is a C-like expression language. The syntax and semantics of CEL
-        # are documented at https://github.com/google/cel-spec.
-        # Example (Comparison):
-        # title: "Summary size limit"
-        # description: "Determines if a summary is less than 100 chars"
-        # expression: "document.summary.size() < 100"
-        # Example (Equality):
-        # title: "Requestor is owner"
-        # description: "Determines if requestor is the document owner"
-        # expression: "document.owner == request.auth.claims.email"
-        # Example (Logic):
-        # title: "Public documents"
-        # description: "Determine whether the document should be publicly visible"
-        # expression: "document.type != 'private' && document.type != 'internal'"
-        # Example (Data Manipulation):
-        # title: "Notification string"
-        # description: "Create a notification string with a timestamp."
-        # expression: "'New message received at ' + string(document.create_time)"
-        # The exact variables and functions that may be referenced within an expression
-        # are determined by the service that evaluates it. See the service
-        # documentation for additional information.
+        # Represents a textual expression in the Common Expression Language (CEL) syntax.
+        # CEL is a C-like expression language. The syntax and semantics of CEL are
+        # documented at https://github.com/google/cel-spec. Example (Comparison): title:
+        # "Summary size limit" description: "Determines if a summary is less than 100
+        # chars" expression: "document.summary.size() < 100" Example (Equality): title: "
+        # Requestor is owner" description: "Determines if requestor is the document
+        # owner" expression: "document.owner == request.auth.claims.email" Example (
+        # Logic): title: "Public documents" description: "Determine whether the document
+        # should be publicly visible" expression: "document.type != 'private' &&
+        # document.type != 'internal'" Example (Data Manipulation): title: "Notification
+        # string" description: "Create a notification string with a timestamp."
+        # expression: "'New message received at ' + string(document.create_time)" The
+        # exact variables and functions that may be referenced within an expression are
+        # determined by the service that evaluates it. See the service documentation for
+        # additional information.
         # Corresponds to the JSON property `condition`
         # @return [Google::Apis::CloudresourcemanagerV2::Expr]
         attr_accessor :condition
       
-        # Specifies the identities requesting access for a Cloud Platform resource.
-        # `members` can have the following values:
-        # * `allUsers`: A special identifier that represents anyone who is
-        # on the internet; with or without a Google account.
-        # * `allAuthenticatedUsers`: A special identifier that represents anyone
-        # who is authenticated with a Google account or a service account.
-        # * `user:`emailid``: An email address that represents a specific Google
-        # account. For example, `alice@example.com` .
-        # * `serviceAccount:`emailid``: An email address that represents a service
-        # account. For example, `my-other-app@appspot.gserviceaccount.com`.
-        # * `group:`emailid``: An email address that represents a Google group.
-        # For example, `admins@example.com`.
-        # * `deleted:user:`emailid`?uid=`uniqueid``: An email address (plus unique
-        # identifier) representing a user that has been recently deleted. For
-        # example, `alice@example.com?uid=123456789012345678901`. If the user is
-        # recovered, this value reverts to `user:`emailid`` and the recovered user
-        # retains the role in the binding.
-        # * `deleted:serviceAccount:`emailid`?uid=`uniqueid``: An email address (plus
-        # unique identifier) representing a service account that has been recently
-        # deleted. For example,
-        # `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
-        # If the service account is undeleted, this value reverts to
-        # `serviceAccount:`emailid`` and the undeleted service account retains the
-        # role in the binding.
-        # * `deleted:group:`emailid`?uid=`uniqueid``: An email address (plus unique
-        # identifier) representing a Google group that has been recently
-        # deleted. For example, `admins@example.com?uid=123456789012345678901`. If
-        # the group is recovered, this value reverts to `group:`emailid`` and the
-        # recovered group retains the role in the binding.
-        # * `domain:`domain``: The G Suite domain (primary) that represents all the
-        # users of that domain. For example, `google.com` or `example.com`.
+        # Specifies the identities requesting access for a Cloud Platform resource. `
+        # members` can have the following values: * `allUsers`: A special identifier
+        # that represents anyone who is on the internet; with or without a Google
+        # account. * `allAuthenticatedUsers`: A special identifier that represents
+        # anyone who is authenticated with a Google account or a service account. * `
+        # user:`emailid``: An email address that represents a specific Google account.
+        # For example, `alice@example.com` . * `serviceAccount:`emailid``: An email
+        # address that represents a service account. For example, `my-other-app@appspot.
+        # gserviceaccount.com`. * `group:`emailid``: An email address that represents a
+        # Google group. For example, `admins@example.com`. * `deleted:user:`emailid`?uid=
+        # `uniqueid``: An email address (plus unique identifier) representing a user
+        # that has been recently deleted. For example, `alice@example.com?uid=
+        # 123456789012345678901`. If the user is recovered, this value reverts to `user:`
+        # emailid`` and the recovered user retains the role in the binding. * `deleted:
+        # serviceAccount:`emailid`?uid=`uniqueid``: An email address (plus unique
+        # identifier) representing a service account that has been recently deleted. For
+        # example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
+        # If the service account is undeleted, this value reverts to `serviceAccount:`
+        # emailid`` and the undeleted service account retains the role in the binding. *
+        # `deleted:group:`emailid`?uid=`uniqueid``: An email address (plus unique
+        # identifier) representing a Google group that has been recently deleted. For
+        # example, `admins@example.com?uid=123456789012345678901`. If the group is
+        # recovered, this value reverts to `group:`emailid`` and the recovered group
+        # retains the role in the binding. * `domain:`domain``: The G Suite domain (
+        # primary) that represents all the users of that domain. For example, `google.
+        # com` or `example.com`.
         # Corresponds to the JSON property `members`
         # @return [Array<String>]
         attr_accessor :members
       
-        # Role that is assigned to `members`.
-        # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`
+        # , or `roles/owner`.
         # Corresponds to the JSON property `role`
         # @return [String]
         attr_accessor :role
@@ -221,52 +164,43 @@ module Google
         end
       end
       
-      # Represents a textual expression in the Common Expression Language (CEL)
-      # syntax. CEL is a C-like expression language. The syntax and semantics of CEL
-      # are documented at https://github.com/google/cel-spec.
-      # Example (Comparison):
-      # title: "Summary size limit"
-      # description: "Determines if a summary is less than 100 chars"
-      # expression: "document.summary.size() < 100"
-      # Example (Equality):
-      # title: "Requestor is owner"
-      # description: "Determines if requestor is the document owner"
-      # expression: "document.owner == request.auth.claims.email"
-      # Example (Logic):
-      # title: "Public documents"
-      # description: "Determine whether the document should be publicly visible"
-      # expression: "document.type != 'private' && document.type != 'internal'"
-      # Example (Data Manipulation):
-      # title: "Notification string"
-      # description: "Create a notification string with a timestamp."
-      # expression: "'New message received at ' + string(document.create_time)"
-      # The exact variables and functions that may be referenced within an expression
-      # are determined by the service that evaluates it. See the service
-      # documentation for additional information.
+      # Represents a textual expression in the Common Expression Language (CEL) syntax.
+      # CEL is a C-like expression language. The syntax and semantics of CEL are
+      # documented at https://github.com/google/cel-spec. Example (Comparison): title:
+      # "Summary size limit" description: "Determines if a summary is less than 100
+      # chars" expression: "document.summary.size() < 100" Example (Equality): title: "
+      # Requestor is owner" description: "Determines if requestor is the document
+      # owner" expression: "document.owner == request.auth.claims.email" Example (
+      # Logic): title: "Public documents" description: "Determine whether the document
+      # should be publicly visible" expression: "document.type != 'private' &&
+      # document.type != 'internal'" Example (Data Manipulation): title: "Notification
+      # string" description: "Create a notification string with a timestamp."
+      # expression: "'New message received at ' + string(document.create_time)" The
+      # exact variables and functions that may be referenced within an expression are
+      # determined by the service that evaluates it. See the service documentation for
+      # additional information.
       class Expr
         include Google::Apis::Core::Hashable
       
-        # Optional. Description of the expression. This is a longer text which
-        # describes the expression, e.g. when hovered over it in a UI.
+        # Optional. Description of the expression. This is a longer text which describes
+        # the expression, e.g. when hovered over it in a UI.
         # Corresponds to the JSON property `description`
         # @return [String]
         attr_accessor :description
       
-        # Textual representation of an expression in Common Expression Language
-        # syntax.
+        # Textual representation of an expression in Common Expression Language syntax.
         # Corresponds to the JSON property `expression`
         # @return [String]
         attr_accessor :expression
       
-        # Optional. String indicating the location of the expression for error
-        # reporting, e.g. a file name and a position in the file.
+        # Optional. String indicating the location of the expression for error reporting,
+        # e.g. a file name and a position in the file.
         # Corresponds to the JSON property `location`
         # @return [String]
         attr_accessor :location
       
-        # Optional. Title for the expression, i.e. a short string describing
-        # its purpose. This can be used e.g. in UIs which allow to enter the
-        # expression.
+        # Optional. Title for the expression, i.e. a short string describing its purpose.
+        # This can be used e.g. in UIs which allow to enter the expression.
         # Corresponds to the JSON property `title`
         # @return [String]
         attr_accessor :title
@@ -284,8 +218,8 @@ module Google
         end
       end
       
-      # A Folder in an Organization's resource hierarchy, used to
-      # organize that Organization's resources.
+      # A Folder in an Organization's resource hierarchy, used to organize that
+      # Organization's resources.
       class Folder
         include Google::Apis::Core::Hashable
       
@@ -294,34 +228,30 @@ module Google
         # @return [String]
         attr_accessor :create_time
       
-        # The folder’s display name.
-        # A folder’s display name must be unique amongst its siblings, e.g.
-        # no two folders with the same parent can share the same display name.
-        # The display name must start and end with a letter or digit, may contain
-        # letters, digits, spaces, hyphens and underscores and can be no longer
-        # than 30 characters. This is captured by the regular expression:
-        # [\p`L`\p`N`]([\p`L`\p`N`_- ]`0,28`[\p`L`\p`N`])?.
+        # The folder’s display name. A folder’s display name must be unique amongst its
+        # siblings, e.g. no two folders with the same parent can share the same display
+        # name. The display name must start and end with a letter or digit, may contain
+        # letters, digits, spaces, hyphens and underscores and can be no longer than 30
+        # characters. This is captured by the regular expression: [\p`L`\p`N`]([\p`L`\p`
+        # N`_- ]`0,28`[\p`L`\p`N`])?.
         # Corresponds to the JSON property `displayName`
         # @return [String]
         attr_accessor :display_name
       
-        # Output only. The lifecycle state of the folder.
-        # Updates to the lifecycle_state must be performed via
-        # DeleteFolder and
-        # UndeleteFolder.
+        # Output only. The lifecycle state of the folder. Updates to the lifecycle_state
+        # must be performed via DeleteFolder and UndeleteFolder.
         # Corresponds to the JSON property `lifecycleState`
         # @return [String]
         attr_accessor :lifecycle_state
       
-        # Output only. The resource name of the Folder.
-        # Its format is `folders/`folder_id``, for example: "folders/1234".
+        # Output only. The resource name of the Folder. Its format is `folders/`
+        # folder_id``, for example: "folders/1234".
         # Corresponds to the JSON property `name`
         # @return [String]
         attr_accessor :name
       
-        # Required. The Folder’s parent's resource name.
-        # Updates to the folder's parent must be performed via
-        # MoveFolder.
+        # Required. The Folder’s parent's resource name. Updates to the folder's parent
+        # must be performed via MoveFolder.
         # Corresponds to the JSON property `parent`
         # @return [String]
         attr_accessor :parent
@@ -344,8 +274,8 @@ module Google
       class FolderOperation
         include Google::Apis::Core::Hashable
       
-        # The resource name of the folder or organization we are either creating
-        # the folder under or moving the folder to.
+        # The resource name of the folder or organization we are either creating the
+        # folder under or moving the folder to.
         # Corresponds to the JSON property `destinationParent`
         # @return [String]
         attr_accessor :destination_parent
@@ -360,8 +290,8 @@ module Google
         # @return [String]
         attr_accessor :operation_type
       
-        # The resource name of the folder's parent.
-        # Only applicable when the operation_type is MOVE.
+        # The resource name of the folder's parent. Only applicable when the
+        # operation_type is MOVE.
         # Corresponds to the JSON property `sourceParent`
         # @return [String]
         attr_accessor :source_parent
@@ -421,15 +351,13 @@ module Google
       class GetPolicyOptions
         include Google::Apis::Core::Hashable
       
-        # Optional. The policy format version to be returned.
-        # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
-        # rejected.
-        # Requests for policies with any conditional bindings must specify version 3.
-        # Policies without any conditional bindings may specify any valid value or
-        # leave the field unset.
-        # To learn which resources support conditions in their IAM policies, see the
-        # [IAM
-        # documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        # Optional. The policy format version to be returned. Valid values are 0, 1, and
+        # 3. Requests specifying an invalid value will be rejected. Requests for
+        # policies with any conditional bindings must specify version 3. Policies
+        # without any conditional bindings may specify any valid value or leave the
+        # field unset. To learn which resources support conditions in their IAM policies,
+        # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
+        # resource-policies).
         # Corresponds to the JSON property `requestedPolicyVersion`
         # @return [Fixnum]
         attr_accessor :requested_policy_version
@@ -448,14 +376,14 @@ module Google
       class ListFoldersResponse
         include Google::Apis::Core::Hashable
       
-        # A possibly paginated list of Folders that are direct descendants of
-        # the specified parent resource.
+        # A possibly paginated list of Folders that are direct descendants of the
+        # specified parent resource.
         # Corresponds to the JSON property `folders`
         # @return [Array<Google::Apis::CloudresourcemanagerV2::Folder>]
         attr_accessor :folders
       
-        # A pagination token returned from a previous call to `ListFolders`
-        # that indicates from where listing should continue.
+        # A pagination token returned from a previous call to `ListFolders` that
+        # indicates from where listing should continue.
         # Corresponds to the JSON property `nextPageToken`
         # @return [String]
         attr_accessor :next_page_token
@@ -475,9 +403,9 @@ module Google
       class MoveFolderRequest
         include Google::Apis::Core::Hashable
       
-        # Required. The resource name of the Folder or Organization to reparent
-        # the folder under.
-        # Must be of the form `folders/`folder_id`` or `organizations/`org_id``.
+        # Required. The resource name of the Folder or Organization to reparent the
+        # folder under. Must be of the form `folders/`folder_id`` or `organizations/`
+        # org_id``.
         # Corresponds to the JSON property `destinationParent`
         # @return [String]
         attr_accessor :destination_parent
@@ -497,47 +425,45 @@ module Google
       class Operation
         include Google::Apis::Core::Hashable
       
-        # If the value is `false`, it means the operation is still in progress.
-        # If `true`, the operation is completed, and either `error` or `response` is
-        # available.
+        # If the value is `false`, it means the operation is still in progress. If `true`
+        # , the operation is completed, and either `error` or `response` is available.
         # Corresponds to the JSON property `done`
         # @return [Boolean]
         attr_accessor :done
         alias_method :done?, :done
       
-        # The `Status` type defines a logical error model that is suitable for
-        # different programming environments, including REST APIs and RPC APIs. It is
-        # used by [gRPC](https://github.com/grpc). Each `Status` message contains
-        # three pieces of data: error code, error message, and error details.
-        # You can find out more about this error model and how to work with it in the
-        # [API Design Guide](https://cloud.google.com/apis/design/errors).
+        # The `Status` type defines a logical error model that is suitable for different
+        # programming environments, including REST APIs and RPC APIs. It is used by [
+        # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
+        # data: error code, error message, and error details. You can find out more
+        # about this error model and how to work with it in the [API Design Guide](https:
+        # //cloud.google.com/apis/design/errors).
         # Corresponds to the JSON property `error`
         # @return [Google::Apis::CloudresourcemanagerV2::Status]
         attr_accessor :error
       
-        # Service-specific metadata associated with the operation.  It typically
-        # contains progress information and common metadata such as create time.
-        # Some services might not provide such metadata.  Any method that returns a
-        # long-running operation should document the metadata type, if any.
+        # Service-specific metadata associated with the operation. It typically contains
+        # progress information and common metadata such as create time. Some services
+        # might not provide such metadata. Any method that returns a long-running
+        # operation should document the metadata type, if any.
         # Corresponds to the JSON property `metadata`
         # @return [Hash<String,Object>]
         attr_accessor :metadata
       
         # The server-assigned name, which is only unique within the same service that
-        # originally returns it. If you use the default HTTP mapping, the
-        # `name` should be a resource name ending with `operations/`unique_id``.
+        # originally returns it. If you use the default HTTP mapping, the `name` should
+        # be a resource name ending with `operations/`unique_id``.
         # Corresponds to the JSON property `name`
         # @return [String]
         attr_accessor :name
       
-        # The normal response of the operation in case of success.  If the original
-        # method returns no data on success, such as `Delete`, the response is
-        # `google.protobuf.Empty`.  If the original method is standard
-        # `Get`/`Create`/`Update`, the response should be the resource.  For other
-        # methods, the response should have the type `XxxResponse`, where `Xxx`
-        # is the original method name.  For example, if the original method name
-        # is `TakeSnapshot()`, the inferred response type is
-        # `TakeSnapshotResponse`.
+        # The normal response of the operation in case of success. If the original
+        # method returns no data on success, such as `Delete`, the response is `google.
+        # protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`,
+        # the response should be the resource. For other methods, the response should
+        # have the type `XxxResponse`, where `Xxx` is the original method name. For
+        # example, if the original method name is `TakeSnapshot()`, the inferred
+        # response type is `TakeSnapshotResponse`.
         # Corresponds to the JSON property `response`
         # @return [Hash<String,Object>]
         attr_accessor :response
@@ -557,66 +483,32 @@ module Google
       end
       
       # An Identity and Access Management (IAM) policy, which specifies access
-      # controls for Google Cloud resources.
-      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-      # `members` to a single `role`. Members can be user accounts, service accounts,
-      # Google groups, and domains (such as G Suite). A `role` is a named list of
-      # permissions; each `role` can be an IAM predefined role or a user-created
-      # custom role.
-      # For some types of Google Cloud resources, a `binding` can also specify a
-      # `condition`, which is a logical expression that allows access to a resource
-      # only if the expression evaluates to `true`. A condition can add constraints
-      # based on attributes of the request, the resource, or both. To learn which
-      # resources support conditions in their IAM policies, see the
-      # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-
-      # policies).
-      # **JSON example:**
-      # `
-      # "bindings": [
-      # `
-      # "role": "roles/resourcemanager.organizationAdmin",
-      # "members": [
-      # "user:mike@example.com",
-      # "group:admins@example.com",
-      # "domain:google.com",
-      # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
-      # ]
-      # `,
-      # `
-      # "role": "roles/resourcemanager.organizationViewer",
-      # "members": [
-      # "user:eve@example.com"
-      # ],
-      # "condition": `
-      # "title": "expirable access",
-      # "description": "Does not grant access after Sep 2020",
-      # "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')
-      # ",
-      # `
-      # `
-      # ],
-      # "etag": "BwWWja0YfJA=",
-      # "version": 3
-      # `
-      # **YAML example:**
-      # bindings:
-      # - members:
-      # - user:mike@example.com
-      # - group:admins@example.com
-      # - domain:google.com
-      # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-      # role: roles/resourcemanager.organizationAdmin
-      # - members:
-      # - user:eve@example.com
-      # role: roles/resourcemanager.organizationViewer
-      # condition:
-      # title: expirable access
-      # description: Does not grant access after Sep 2020
-      # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
-      # - etag: BwWWja0YfJA=
-      # - version: 3
-      # For a description of IAM and its features, see the
-      # [IAM documentation](https://cloud.google.com/iam/docs/).
+      # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
+      # A `binding` binds one or more `members` to a single `role`. Members can be
+      # user accounts, service accounts, Google groups, and domains (such as G Suite).
+      # A `role` is a named list of permissions; each `role` can be an IAM predefined
+      # role or a user-created custom role. For some types of Google Cloud resources,
+      # a `binding` can also specify a `condition`, which is a logical expression that
+      # allows access to a resource only if the expression evaluates to `true`. A
+      # condition can add constraints based on attributes of the request, the resource,
+      # or both. To learn which resources support conditions in their IAM policies,
+      # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
+      # resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
+      # resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
+      # group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
+      # appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
+      # organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
+      # title": "expirable access", "description": "Does not grant access after Sep
+      # 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
+      # ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
+      # members: - user:mike@example.com - group:admins@example.com - domain:google.
+      # com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
+      # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
+      # roles/resourcemanager.organizationViewer condition: title: expirable access
+      # description: Does not grant access after Sep 2020 expression: request.time <
+      # timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
+      # description of IAM and its features, see the [IAM documentation](https://cloud.
+      # google.com/iam/docs/).
       class Policy
         include Google::Apis::Core::Hashable
       
@@ -625,48 +517,44 @@ module Google
         # @return [Array<Google::Apis::CloudresourcemanagerV2::AuditConfig>]
         attr_accessor :audit_configs
       
-        # Associates a list of `members` to a `role`. Optionally, may specify a
-        # `condition` that determines how and when the `bindings` are applied. Each
-        # of the `bindings` must contain at least one member.
+        # Associates a list of `members` to a `role`. Optionally, may specify a `
+        # condition` that determines how and when the `bindings` are applied. Each of
+        # the `bindings` must contain at least one member.
         # Corresponds to the JSON property `bindings`
         # @return [Array<Google::Apis::CloudresourcemanagerV2::Binding>]
         attr_accessor :bindings
       
-        # `etag` is used for optimistic concurrency control as a way to help
-        # prevent simultaneous updates of a policy from overwriting each other.
-        # It is strongly suggested that systems make use of the `etag` in the
-        # read-modify-write cycle to perform policy updates in order to avoid race
-        # conditions: An `etag` is returned in the response to `getIamPolicy`, and
-        # systems are expected to put that etag in the request to `setIamPolicy` to
-        # ensure that their change will be applied to the same version of the policy.
-        # **Important:** If you use IAM Conditions, you must include the `etag` field
-        # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
-        # you to overwrite a version `3` policy with a version `1` policy, and all of
-        # the conditions in the version `3` policy are lost.
+        # `etag` is used for optimistic concurrency control as a way to help prevent
+        # simultaneous updates of a policy from overwriting each other. It is strongly
+        # suggested that systems make use of the `etag` in the read-modify-write cycle
+        # to perform policy updates in order to avoid race conditions: An `etag` is
+        # returned in the response to `getIamPolicy`, and systems are expected to put
+        # that etag in the request to `setIamPolicy` to ensure that their change will be
+        # applied to the same version of the policy. **Important:** If you use IAM
+        # Conditions, you must include the `etag` field whenever you call `setIamPolicy`.
+        # If you omit this field, then IAM allows you to overwrite a version `3` policy
+        # with a version `1` policy, and all of the conditions in the version `3` policy
+        # are lost.
         # Corresponds to the JSON property `etag`
         # NOTE: Values are automatically base64 encoded/decoded in the client library.
         # @return [String]
         attr_accessor :etag
       
-        # Specifies the format of the policy.
-        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
-        # are rejected.
-        # Any operation that affects conditional role bindings must specify version
-        # `3`. This requirement applies to the following operations:
-        # * Getting a policy that includes a conditional role binding
-        # * Adding a conditional role binding to a policy
-        # * Changing a conditional role binding in a policy
-        # * Removing any role binding, with or without a condition, from a policy
-        # that includes conditions
-        # **Important:** If you use IAM Conditions, you must include the `etag` field
-        # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
-        # you to overwrite a version `3` policy with a version `1` policy, and all of
-        # the conditions in the version `3` policy are lost.
-        # If a policy does not include any conditions, operations on that policy may
-        # specify any valid version or leave the field unset.
-        # To learn which resources support conditions in their IAM policies, see the
-        # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-
-        # policies).
+        # Specifies the format of the policy. Valid values are `0`, `1`, and `3`.
+        # Requests that specify an invalid value are rejected. Any operation that
+        # affects conditional role bindings must specify version `3`. This requirement
+        # applies to the following operations: * Getting a policy that includes a
+        # conditional role binding * Adding a conditional role binding to a policy *
+        # Changing a conditional role binding in a policy * Removing any role binding,
+        # with or without a condition, from a policy that includes conditions **
+        # Important:** If you use IAM Conditions, you must include the `etag` field
+        # whenever you call `setIamPolicy`. If you omit this field, then IAM allows you
+        # to overwrite a version `3` policy with a version `1` policy, and all of the
+        # conditions in the version `3` policy are lost. If a policy does not include
+        # any conditions, operations on that policy may specify any valid version or
+        # leave the field unset. To learn which resources support conditions in their
+        # IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/
+        # conditions/resource-policies).
         # Corresponds to the JSON property `version`
         # @return [Fixnum]
         attr_accessor :version
@@ -695,9 +583,8 @@ module Google
         # @return [String]
         attr_accessor :create_time
       
-        # True if the project can be retrieved using GetProject. No other operations
-        # on the project are guaranteed to work until the project creation is
-        # complete.
+        # True if the project can be retrieved using GetProject. No other operations on
+        # the project are guaranteed to work until the project creation is complete.
         # Corresponds to the JSON property `gettable`
         # @return [Boolean]
         attr_accessor :gettable
@@ -736,25 +623,20 @@ module Google
         # @return [String]
         attr_accessor :page_token
       
-        # Search criteria used to select the Folders to return.
-        # If no search criteria is specified then all accessible folders will be
-        # returned.
-        # Query expressions can be used to restrict results based upon displayName,
-        # lifecycleState and parent, where the operators `=`, `NOT`, `AND` and `OR`
-        # can be used along with the suffix wildcard symbol `*`.
-        # The displayName field in a query expression should use escaped quotes
-        # for values that include whitespace to prevent unexpected behavior.
-        # Some example queries are:
-        # * Query `displayName=Test*` returns Folder resources whose display name
-        # starts with "Test".
-        # * Query `lifecycleState=ACTIVE` returns Folder resources with
-        # `lifecycleState` set to `ACTIVE`.
-        # * Query `parent=folders/123` returns Folder resources that have
-        # `folders/123` as a parent resource.
-        # * Query `parent=folders/123 AND lifecycleState=ACTIVE` returns active
-        # Folder resources that have `folders/123` as a parent resource.
-        # * Query `displayName=\\"Test String\\"` returns Folder resources with
-        # display names that include both "Test" and "String".
+        # Search criteria used to select the Folders to return. If no search criteria is
+        # specified then all accessible folders will be returned. Query expressions can
+        # be used to restrict results based upon displayName, lifecycleState and parent,
+        # where the operators `=`, `NOT`, `AND` and `OR` can be used along with the
+        # suffix wildcard symbol `*`. The displayName field in a query expression should
+        # use escaped quotes for values that include whitespace to prevent unexpected
+        # behavior. Some example queries are: * Query `displayName=Test*` returns Folder
+        # resources whose display name starts with "Test". * Query `lifecycleState=
+        # ACTIVE` returns Folder resources with `lifecycleState` set to `ACTIVE`. *
+        # Query `parent=folders/123` returns Folder resources that have `folders/123` as
+        # a parent resource. * Query `parent=folders/123 AND lifecycleState=ACTIVE`
+        # returns active Folder resources that have `folders/123` as a parent resource. *
+        # Query `displayName=\\"Test String\\"` returns Folder resources with display
+        # names that include both "Test" and "String".
         # Corresponds to the JSON property `query`
         # @return [String]
         attr_accessor :query
@@ -775,14 +657,13 @@ module Google
       class SearchFoldersResponse
         include Google::Apis::Core::Hashable
       
-        # A possibly paginated folder search results.
-        # the specified parent resource.
+        # A possibly paginated folder search results. the specified parent resource.
         # Corresponds to the JSON property `folders`
         # @return [Array<Google::Apis::CloudresourcemanagerV2::Folder>]
         attr_accessor :folders
       
-        # A pagination token returned from a previous call to `SearchFolders`
-        # that indicates from where searching should continue.
+        # A pagination token returned from a previous call to `SearchFolders` that
+        # indicates from where searching should continue.
         # Corresponds to the JSON property `nextPageToken`
         # @return [String]
         attr_accessor :next_page_token
@@ -803,74 +684,39 @@ module Google
         include Google::Apis::Core::Hashable
       
         # An Identity and Access Management (IAM) policy, which specifies access
-        # controls for Google Cloud resources.
-        # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-        # `members` to a single `role`. Members can be user accounts, service accounts,
-        # Google groups, and domains (such as G Suite). A `role` is a named list of
-        # permissions; each `role` can be an IAM predefined role or a user-created
-        # custom role.
-        # For some types of Google Cloud resources, a `binding` can also specify a
-        # `condition`, which is a logical expression that allows access to a resource
-        # only if the expression evaluates to `true`. A condition can add constraints
-        # based on attributes of the request, the resource, or both. To learn which
-        # resources support conditions in their IAM policies, see the
-        # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-
-        # policies).
-        # **JSON example:**
-        # `
-        # "bindings": [
-        # `
-        # "role": "roles/resourcemanager.organizationAdmin",
-        # "members": [
-        # "user:mike@example.com",
-        # "group:admins@example.com",
-        # "domain:google.com",
-        # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
-        # ]
-        # `,
-        # `
-        # "role": "roles/resourcemanager.organizationViewer",
-        # "members": [
-        # "user:eve@example.com"
-        # ],
-        # "condition": `
-        # "title": "expirable access",
-        # "description": "Does not grant access after Sep 2020",
-        # "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')
-        # ",
-        # `
-        # `
-        # ],
-        # "etag": "BwWWja0YfJA=",
-        # "version": 3
-        # `
-        # **YAML example:**
-        # bindings:
-        # - members:
-        # - user:mike@example.com
-        # - group:admins@example.com
-        # - domain:google.com
-        # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-        # role: roles/resourcemanager.organizationAdmin
-        # - members:
-        # - user:eve@example.com
-        # role: roles/resourcemanager.organizationViewer
-        # condition:
-        # title: expirable access
-        # description: Does not grant access after Sep 2020
-        # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
-        # - etag: BwWWja0YfJA=
-        # - version: 3
-        # For a description of IAM and its features, see the
-        # [IAM documentation](https://cloud.google.com/iam/docs/).
+        # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
+        # A `binding` binds one or more `members` to a single `role`. Members can be
+        # user accounts, service accounts, Google groups, and domains (such as G Suite).
+        # A `role` is a named list of permissions; each `role` can be an IAM predefined
+        # role or a user-created custom role. For some types of Google Cloud resources,
+        # a `binding` can also specify a `condition`, which is a logical expression that
+        # allows access to a resource only if the expression evaluates to `true`. A
+        # condition can add constraints based on attributes of the request, the resource,
+        # or both. To learn which resources support conditions in their IAM policies,
+        # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
+        # resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
+        # resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
+        # group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
+        # appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
+        # organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
+        # title": "expirable access", "description": "Does not grant access after Sep
+        # 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
+        # ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
+        # members: - user:mike@example.com - group:admins@example.com - domain:google.
+        # com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
+        # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
+        # roles/resourcemanager.organizationViewer condition: title: expirable access
+        # description: Does not grant access after Sep 2020 expression: request.time <
+        # timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
+        # description of IAM and its features, see the [IAM documentation](https://cloud.
+        # google.com/iam/docs/).
         # Corresponds to the JSON property `policy`
         # @return [Google::Apis::CloudresourcemanagerV2::Policy]
         attr_accessor :policy
       
         # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
-        # the fields in the mask will be modified. If no mask is provided, the
-        # following default mask is used:
-        # `paths: "bindings, etag"`
+        # the fields in the mask will be modified. If no mask is provided, the following
+        # default mask is used: `paths: "bindings, etag"`
         # Corresponds to the JSON property `updateMask`
         # @return [String]
         attr_accessor :update_mask
@@ -886,12 +732,12 @@ module Google
         end
       end
       
-      # The `Status` type defines a logical error model that is suitable for
-      # different programming environments, including REST APIs and RPC APIs. It is
-      # used by [gRPC](https://github.com/grpc). Each `Status` message contains
-      # three pieces of data: error code, error message, and error details.
-      # You can find out more about this error model and how to work with it in the
-      # [API Design Guide](https://cloud.google.com/apis/design/errors).
+      # The `Status` type defines a logical error model that is suitable for different
+      # programming environments, including REST APIs and RPC APIs. It is used by [
+      # gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
+      # data: error code, error message, and error details. You can find out more
+      # about this error model and how to work with it in the [API Design Guide](https:
+      # //cloud.google.com/apis/design/errors).
       class Status
         include Google::Apis::Core::Hashable
       
@@ -900,15 +746,15 @@ module Google
         # @return [Fixnum]
         attr_accessor :code
       
-        # A list of messages that carry the error details.  There is a common set of
+        # A list of messages that carry the error details. There is a common set of
         # message types for APIs to use.
         # Corresponds to the JSON property `details`
         # @return [Array<Hash<String,Object>>]
         attr_accessor :details
       
-        # A developer-facing error message, which should be in English. Any
-        # user-facing error message should be localized and sent in the
-        # google.rpc.Status.details field, or localized by the client.
+        # A developer-facing error message, which should be in English. Any user-facing
+        # error message should be localized and sent in the google.rpc.Status.details
+        # field, or localized by the client.
         # Corresponds to the JSON property `message`
         # @return [String]
         attr_accessor :message
@@ -929,10 +775,9 @@ module Google
       class TestIamPermissionsRequest
         include Google::Apis::Core::Hashable
       
-        # The set of permissions to check for the `resource`. Permissions with
-        # wildcards (such as '*' or 'storage.*') are not allowed. For more
-        # information see
-        # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
+        # The set of permissions to check for the `resource`. Permissions with wildcards
+        # (such as '*' or 'storage.*') are not allowed. For more information see [IAM
+        # Overview](https://cloud.google.com/iam/docs/overview#permissions).
         # Corresponds to the JSON property `permissions`
         # @return [Array<String>]
         attr_accessor :permissions
@@ -951,8 +796,7 @@ module Google
       class TestIamPermissionsResponse
         include Google::Apis::Core::Hashable
       
-        # A subset of `TestPermissionsRequest.permissions` that the caller is
-        # allowed.
+        # A subset of `TestPermissionsRequest.permissions` that the caller is allowed.
         # Corresponds to the JSON property `permissions`
         # @return [Array<String>]
         attr_accessor :permissions