google-api-client 0.42.1 → 0.42.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +76 -0
- data/generated/google/apis/admob_v1.rb +1 -1
- data/generated/google/apis/admob_v1/classes.rb +3 -1
- data/generated/google/apis/apigee_v1.rb +1 -1
- data/generated/google/apis/apigee_v1/classes.rb +6 -12
- data/generated/google/apis/apigee_v1/representations.rb +1 -2
- data/generated/google/apis/apigee_v1/service.rb +18 -5
- data/generated/google/apis/appengine_v1.rb +1 -1
- data/generated/google/apis/appengine_v1/service.rb +6 -3
- data/generated/google/apis/appengine_v1beta.rb +1 -1
- data/generated/google/apis/appengine_v1beta/service.rb +6 -2
- data/generated/google/apis/appsmarket_v2.rb +1 -1
- data/generated/google/apis/bigquery_v2.rb +1 -1
- data/generated/google/apis/bigquery_v2/classes.rb +198 -3
- data/generated/google/apis/bigquery_v2/representations.rb +70 -0
- data/generated/google/apis/bigtableadmin_v1.rb +1 -1
- data/generated/google/apis/bigtableadmin_v1/classes.rb +267 -0
- data/generated/google/apis/bigtableadmin_v1/representations.rb +100 -0
- data/generated/google/apis/bigtableadmin_v2.rb +1 -1
- data/generated/google/apis/bigtableadmin_v2/classes.rb +355 -0
- data/generated/google/apis/bigtableadmin_v2/representations.rb +146 -0
- data/generated/google/apis/bigtableadmin_v2/service.rb +298 -0
- data/generated/google/apis/books_v1.rb +1 -1
- data/generated/google/apis/books_v1/classes.rb +140 -159
- data/generated/google/apis/books_v1/service.rb +47 -49
- data/generated/google/apis/chat_v1.rb +1 -1
- data/generated/google/apis/chat_v1/classes.rb +19 -0
- data/generated/google/apis/chat_v1/representations.rb +13 -0
- data/generated/google/apis/chat_v1/service.rb +39 -0
- data/generated/google/apis/chromeuxreport_v1.rb +1 -1
- data/generated/google/apis/chromeuxreport_v1/classes.rb +22 -0
- data/generated/google/apis/chromeuxreport_v1/representations.rb +2 -0
- data/generated/google/apis/{cloudfunctions_v1beta2.rb → cloudasset_v1p5beta1.rb} +9 -9
- data/generated/google/apis/cloudasset_v1p5beta1/classes.rb +1537 -0
- data/generated/google/apis/cloudasset_v1p5beta1/representations.rb +399 -0
- data/generated/google/apis/cloudasset_v1p5beta1/service.rb +129 -0
- data/generated/google/apis/cloudbuild_v1.rb +1 -1
- data/generated/google/apis/cloudbuild_v1alpha1.rb +1 -1
- data/generated/google/apis/cloudbuild_v1alpha2.rb +1 -1
- data/generated/google/apis/cloudfunctions_v1.rb +1 -1
- data/generated/google/apis/cloudfunctions_v1/classes.rb +0 -45
- data/generated/google/apis/cloudfunctions_v1/representations.rb +0 -17
- data/generated/google/apis/cloudresourcemanager_v1.rb +1 -1
- data/generated/google/apis/cloudresourcemanager_v1/classes.rb +503 -754
- data/generated/google/apis/cloudresourcemanager_v1/service.rb +198 -249
- data/generated/google/apis/cloudresourcemanager_v1beta1.rb +1 -1
- data/generated/google/apis/cloudresourcemanager_v1beta1/classes.rb +258 -429
- data/generated/google/apis/cloudresourcemanager_v1beta1/service.rb +136 -178
- data/generated/google/apis/cloudresourcemanager_v2.rb +1 -1
- data/generated/google/apis/cloudresourcemanager_v2/classes.rb +258 -414
- data/generated/google/apis/cloudresourcemanager_v2/service.rb +96 -129
- data/generated/google/apis/cloudresourcemanager_v2beta1.rb +1 -1
- data/generated/google/apis/cloudresourcemanager_v2beta1/classes.rb +258 -414
- data/generated/google/apis/cloudresourcemanager_v2beta1/service.rb +96 -129
- data/generated/google/apis/cloudscheduler_v1.rb +1 -1
- data/generated/google/apis/cloudscheduler_v1/classes.rb +11 -0
- data/generated/google/apis/cloudscheduler_v1/representations.rb +1 -0
- data/generated/google/apis/cloudscheduler_v1beta1.rb +1 -1
- data/generated/google/apis/cloudscheduler_v1beta1/classes.rb +11 -0
- data/generated/google/apis/cloudscheduler_v1beta1/representations.rb +1 -0
- data/generated/google/apis/cloudshell_v1.rb +1 -1
- data/generated/google/apis/cloudshell_v1/classes.rb +2 -2
- data/generated/google/apis/cloudshell_v1alpha1.rb +1 -1
- data/generated/google/apis/cloudshell_v1alpha1/classes.rb +8 -5
- data/generated/google/apis/content_v2.rb +1 -1
- data/generated/google/apis/content_v2/classes.rb +6 -0
- data/generated/google/apis/content_v2/representations.rb +1 -0
- data/generated/google/apis/content_v2_1.rb +1 -1
- data/generated/google/apis/content_v2_1/classes.rb +6 -0
- data/generated/google/apis/content_v2_1/representations.rb +1 -0
- data/generated/google/apis/customsearch_v1.rb +1 -1
- data/generated/google/apis/customsearch_v1/classes.rb +14 -10
- data/generated/google/apis/customsearch_v1/service.rb +6 -6
- data/generated/google/apis/datacatalog_v1beta1.rb +1 -1
- data/generated/google/apis/datacatalog_v1beta1/classes.rb +380 -569
- data/generated/google/apis/datacatalog_v1beta1/service.rb +319 -440
- data/generated/google/apis/dataflow_v1b3.rb +1 -1
- data/generated/google/apis/dataflow_v1b3/classes.rb +2 -1
- data/generated/google/apis/deploymentmanager_v2.rb +1 -1
- data/generated/google/apis/dfareporting_v3_4.rb +1 -1
- data/generated/google/apis/dfareporting_v3_4/classes.rb +421 -0
- data/generated/google/apis/dfareporting_v3_4/representations.rb +182 -0
- data/generated/google/apis/dialogflow_v2.rb +1 -1
- data/generated/google/apis/dialogflow_v2/classes.rb +148 -35
- data/generated/google/apis/dialogflow_v2/representations.rb +15 -0
- data/generated/google/apis/dialogflow_v2/service.rb +4 -0
- data/generated/google/apis/dialogflow_v2beta1.rb +1 -1
- data/generated/google/apis/dialogflow_v2beta1/classes.rb +164 -36
- data/generated/google/apis/dialogflow_v2beta1/representations.rb +15 -0
- data/generated/google/apis/dialogflow_v2beta1/service.rb +8 -0
- data/generated/google/apis/displayvideo_v1.rb +7 -1
- data/generated/google/apis/displayvideo_v1/classes.rb +1666 -1726
- data/generated/google/apis/displayvideo_v1/representations.rb +264 -0
- data/generated/google/apis/displayvideo_v1/service.rb +1173 -926
- data/generated/google/apis/doubleclicksearch_v2.rb +1 -1
- data/generated/google/apis/doubleclicksearch_v2/classes.rb +109 -126
- data/generated/google/apis/doubleclicksearch_v2/service.rb +3 -4
- data/generated/google/apis/fcm_v1.rb +1 -1
- data/generated/google/apis/fcm_v1/classes.rb +245 -393
- data/generated/google/apis/fcm_v1/service.rb +5 -6
- data/generated/google/apis/firebase_v1beta1.rb +1 -1
- data/generated/google/apis/firebase_v1beta1/classes.rb +10 -16
- data/generated/google/apis/firebaseml_v1beta2.rb +1 -1
- data/generated/google/apis/firebaseml_v1beta2/classes.rb +9 -0
- data/generated/google/apis/firebaseml_v1beta2/representations.rb +1 -0
- data/generated/google/apis/games_configuration_v1configuration.rb +1 -1
- data/generated/google/apis/games_configuration_v1configuration/service.rb +2 -2
- data/generated/google/apis/games_management_v1management.rb +1 -1
- data/generated/google/apis/games_management_v1management/service.rb +2 -2
- data/generated/google/apis/games_v1.rb +1 -1
- data/generated/google/apis/games_v1/classes.rb +1 -1
- data/generated/google/apis/games_v1/service.rb +2 -2
- data/generated/google/apis/gmail_v1.rb +1 -1
- data/generated/google/apis/gmail_v1/classes.rb +2 -2
- data/generated/google/apis/gmail_v1/service.rb +2 -1
- data/generated/google/apis/gmailpostmastertools_v1beta1.rb +4 -1
- data/generated/google/apis/monitoring_v1.rb +1 -1
- data/generated/google/apis/monitoring_v1/classes.rb +2 -1
- data/generated/google/apis/monitoring_v3.rb +1 -1
- data/generated/google/apis/monitoring_v3/classes.rb +5 -4
- data/generated/google/apis/monitoring_v3/service.rb +5 -4
- data/generated/google/apis/osconfig_v1.rb +1 -1
- data/generated/google/apis/osconfig_v1/classes.rb +75 -0
- data/generated/google/apis/osconfig_v1/representations.rb +35 -0
- data/generated/google/apis/osconfig_v1beta.rb +1 -1
- data/generated/google/apis/osconfig_v1beta/classes.rb +75 -0
- data/generated/google/apis/osconfig_v1beta/representations.rb +35 -0
- data/generated/google/apis/pagespeedonline_v5.rb +1 -1
- data/generated/google/apis/people_v1.rb +1 -1
- data/generated/google/apis/people_v1/classes.rb +243 -397
- data/generated/google/apis/people_v1/service.rb +156 -384
- data/generated/google/apis/prod_tt_sasportal_v1alpha1.rb +1 -1
- data/generated/google/apis/prod_tt_sasportal_v1alpha1/classes.rb +0 -73
- data/generated/google/apis/prod_tt_sasportal_v1alpha1/representations.rb +0 -32
- data/generated/google/apis/prod_tt_sasportal_v1alpha1/service.rb +0 -477
- data/generated/google/apis/pubsub_v1.rb +1 -1
- data/generated/google/apis/pubsub_v1/classes.rb +21 -0
- data/generated/google/apis/pubsub_v1/representations.rb +2 -0
- data/generated/google/apis/realtimebidding_v1.rb +1 -1
- data/generated/google/apis/redis_v1.rb +1 -1
- data/generated/google/apis/redis_v1/classes.rb +397 -0
- data/generated/google/apis/redis_v1/representations.rb +139 -0
- data/generated/google/apis/redis_v1beta1.rb +1 -1
- data/generated/google/apis/redis_v1beta1/classes.rb +397 -0
- data/generated/google/apis/redis_v1beta1/representations.rb +139 -0
- data/generated/google/apis/remotebuildexecution_v1.rb +1 -1
- data/generated/google/apis/remotebuildexecution_v1alpha.rb +1 -1
- data/generated/google/apis/remotebuildexecution_v2.rb +1 -1
- data/generated/google/apis/run_v1.rb +1 -1
- data/generated/google/apis/run_v1/classes.rb +835 -1248
- data/generated/google/apis/run_v1/service.rb +195 -245
- data/generated/google/apis/run_v1alpha1.rb +1 -1
- data/generated/google/apis/run_v1alpha1/classes.rb +934 -1331
- data/generated/google/apis/run_v1alpha1/service.rb +321 -377
- data/generated/google/apis/run_v1beta1.rb +1 -1
- data/generated/google/apis/run_v1beta1/classes.rb +209 -276
- data/generated/google/apis/run_v1beta1/service.rb +16 -18
- data/generated/google/apis/sasportal_v1alpha1.rb +1 -1
- data/generated/google/apis/sasportal_v1alpha1/classes.rb +0 -73
- data/generated/google/apis/sasportal_v1alpha1/representations.rb +0 -32
- data/generated/google/apis/sasportal_v1alpha1/service.rb +0 -477
- data/generated/google/apis/serviceconsumermanagement_v1.rb +1 -1
- data/generated/google/apis/serviceconsumermanagement_v1/classes.rb +2 -2
- data/generated/google/apis/serviceconsumermanagement_v1/service.rb +7 -7
- data/generated/google/apis/serviceconsumermanagement_v1beta1.rb +1 -1
- data/generated/google/apis/serviceconsumermanagement_v1beta1/classes.rb +1 -1
- data/generated/google/apis/servicenetworking_v1.rb +1 -1
- data/generated/google/apis/servicenetworking_v1/classes.rb +1 -1
- data/generated/google/apis/servicenetworking_v1beta.rb +1 -1
- data/generated/google/apis/servicenetworking_v1beta/classes.rb +1 -1
- data/generated/google/apis/serviceusage_v1.rb +1 -1
- data/generated/google/apis/serviceusage_v1/classes.rb +1 -1
- data/generated/google/apis/serviceusage_v1beta1.rb +1 -1
- data/generated/google/apis/serviceusage_v1beta1/classes.rb +1 -1
- data/generated/google/apis/spanner_v1.rb +1 -1
- data/generated/google/apis/sql_v1beta4.rb +1 -1
- data/generated/google/apis/sql_v1beta4/classes.rb +207 -200
- data/generated/google/apis/sql_v1beta4/representations.rb +2 -1
- data/generated/google/apis/sql_v1beta4/service.rb +2 -2
- data/generated/google/apis/testing_v1.rb +1 -1
- data/generated/google/apis/testing_v1/classes.rb +63 -0
- data/generated/google/apis/testing_v1/representations.rb +32 -0
- data/generated/google/apis/toolresults_v1beta3.rb +1 -1
- data/generated/google/apis/toolresults_v1beta3/classes.rb +9 -0
- data/generated/google/apis/toolresults_v1beta3/representations.rb +1 -0
- data/generated/google/apis/toolresults_v1beta3/service.rb +498 -498
- data/generated/google/apis/webfonts_v1.rb +1 -1
- data/generated/google/apis/webfonts_v1/service.rb +2 -2
- data/generated/google/apis/youtube_partner_v1.rb +1 -1
- data/generated/google/apis/youtube_partner_v1/classes.rb +637 -761
- data/generated/google/apis/youtube_partner_v1/service.rb +511 -651
- data/generated/google/apis/youtube_v3.rb +1 -1
- data/generated/google/apis/youtube_v3/classes.rb +6 -0
- data/generated/google/apis/youtube_v3/representations.rb +1 -0
- data/generated/google/apis/youtube_v3/service.rb +32 -32
- data/lib/google/apis/version.rb +1 -1
- metadata +7 -7
- data/generated/google/apis/cloudfunctions_v1beta2/classes.rb +0 -848
- data/generated/google/apis/cloudfunctions_v1beta2/representations.rb +0 -346
- data/generated/google/apis/cloudfunctions_v1beta2/service.rb +0 -486
@@ -25,7 +25,7 @@ module Google
|
|
25
25
|
# @see https://cloud.google.com/cloud-build/docs/
|
26
26
|
module CloudbuildV1
|
27
27
|
VERSION = 'V1'
|
28
|
-
REVISION = '
|
28
|
+
REVISION = '20200720'
|
29
29
|
|
30
30
|
# View and manage your data across Google Cloud Platform services
|
31
31
|
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
|
@@ -25,7 +25,7 @@ module Google
|
|
25
25
|
# @see https://cloud.google.com/cloud-build/docs/
|
26
26
|
module CloudbuildV1alpha1
|
27
27
|
VERSION = 'V1alpha1'
|
28
|
-
REVISION = '
|
28
|
+
REVISION = '20200720'
|
29
29
|
|
30
30
|
# View and manage your data across Google Cloud Platform services
|
31
31
|
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
|
@@ -25,7 +25,7 @@ module Google
|
|
25
25
|
# @see https://cloud.google.com/cloud-build/docs/
|
26
26
|
module CloudbuildV1alpha2
|
27
27
|
VERSION = 'V1alpha2'
|
28
|
-
REVISION = '
|
28
|
+
REVISION = '20200720'
|
29
29
|
|
30
30
|
# View and manage your data across Google Cloud Platform services
|
31
31
|
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
|
@@ -25,7 +25,7 @@ module Google
|
|
25
25
|
# @see https://cloud.google.com/functions
|
26
26
|
module CloudfunctionsV1
|
27
27
|
VERSION = 'V1'
|
28
|
-
REVISION = '
|
28
|
+
REVISION = '20200717'
|
29
29
|
|
30
30
|
# View and manage your data across Google Cloud Platform services
|
31
31
|
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
|
@@ -962,51 +962,6 @@ module Google
|
|
962
962
|
end
|
963
963
|
end
|
964
964
|
|
965
|
-
# Metadata describing an Operation
|
966
|
-
class OperationMetadataV1Beta2
|
967
|
-
include Google::Apis::Core::Hashable
|
968
|
-
|
969
|
-
# The original request that started the operation.
|
970
|
-
# Corresponds to the JSON property `request`
|
971
|
-
# @return [Hash<String,Object>]
|
972
|
-
attr_accessor :request
|
973
|
-
|
974
|
-
# Target of the operation - for example
|
975
|
-
# projects/project-1/locations/region-1/functions/function-1
|
976
|
-
# Corresponds to the JSON property `target`
|
977
|
-
# @return [String]
|
978
|
-
attr_accessor :target
|
979
|
-
|
980
|
-
# Type of operation.
|
981
|
-
# Corresponds to the JSON property `type`
|
982
|
-
# @return [String]
|
983
|
-
attr_accessor :type
|
984
|
-
|
985
|
-
# The last update timestamp of the operation.
|
986
|
-
# Corresponds to the JSON property `updateTime`
|
987
|
-
# @return [String]
|
988
|
-
attr_accessor :update_time
|
989
|
-
|
990
|
-
# Version id of the function created or updated by an API call.
|
991
|
-
# This field is only populated for Create and Update operations.
|
992
|
-
# Corresponds to the JSON property `versionId`
|
993
|
-
# @return [Fixnum]
|
994
|
-
attr_accessor :version_id
|
995
|
-
|
996
|
-
def initialize(**args)
|
997
|
-
update!(**args)
|
998
|
-
end
|
999
|
-
|
1000
|
-
# Update properties of this object
|
1001
|
-
def update!(**args)
|
1002
|
-
@request = args[:request] if args.key?(:request)
|
1003
|
-
@target = args[:target] if args.key?(:target)
|
1004
|
-
@type = args[:type] if args.key?(:type)
|
1005
|
-
@update_time = args[:update_time] if args.key?(:update_time)
|
1006
|
-
@version_id = args[:version_id] if args.key?(:version_id)
|
1007
|
-
end
|
1008
|
-
end
|
1009
|
-
|
1010
965
|
# An Identity and Access Management (IAM) policy, which specifies access
|
1011
966
|
# controls for Google Cloud resources.
|
1012
967
|
# A `Policy` is a collection of `bindings`. A `binding` binds one or more
|
@@ -142,12 +142,6 @@ module Google
|
|
142
142
|
include Google::Apis::Core::JsonObjectSupport
|
143
143
|
end
|
144
144
|
|
145
|
-
class OperationMetadataV1Beta2
|
146
|
-
class Representation < Google::Apis::Core::JsonRepresentation; end
|
147
|
-
|
148
|
-
include Google::Apis::Core::JsonObjectSupport
|
149
|
-
end
|
150
|
-
|
151
145
|
class Policy
|
152
146
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
153
147
|
|
@@ -391,17 +385,6 @@ module Google
|
|
391
385
|
end
|
392
386
|
end
|
393
387
|
|
394
|
-
class OperationMetadataV1Beta2
|
395
|
-
# @private
|
396
|
-
class Representation < Google::Apis::Core::JsonRepresentation
|
397
|
-
hash :request, as: 'request'
|
398
|
-
property :target, as: 'target'
|
399
|
-
property :type, as: 'type'
|
400
|
-
property :update_time, as: 'updateTime'
|
401
|
-
property :version_id, :numeric_string => true, as: 'versionId'
|
402
|
-
end
|
403
|
-
end
|
404
|
-
|
405
388
|
class Policy
|
406
389
|
# @private
|
407
390
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -26,7 +26,7 @@ module Google
|
|
26
26
|
# @see https://cloud.google.com/resource-manager
|
27
27
|
module CloudresourcemanagerV1
|
28
28
|
VERSION = 'V1'
|
29
|
-
REVISION = '
|
29
|
+
REVISION = '20200720'
|
30
30
|
|
31
31
|
# View and manage your data across Google Cloud Platform services
|
32
32
|
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
|
@@ -28,8 +28,8 @@ module Google
|
|
28
28
|
|
29
29
|
# A container to reference an id for any resource type. A `resource` in Google
|
30
30
|
# Cloud Platform is a generic term for something you (a developer) may want to
|
31
|
-
# interact with through one of our API's. Some examples are an App Engine app,
|
32
|
-
#
|
31
|
+
# interact with through one of our API's. Some examples are an App Engine app, a
|
32
|
+
# Compute Engine instance, a Cloud SQL database, and so on.
|
33
33
|
# Corresponds to the JSON property `resourceId`
|
34
34
|
# @return [Google::Apis::CloudresourcemanagerV1::ResourceId]
|
35
35
|
attr_accessor :resource_id
|
@@ -44,53 +44,21 @@ module Google
|
|
44
44
|
end
|
45
45
|
end
|
46
46
|
|
47
|
-
# Specifies the audit configuration for a service.
|
48
|
-
#
|
49
|
-
#
|
50
|
-
#
|
51
|
-
#
|
52
|
-
#
|
53
|
-
#
|
54
|
-
#
|
55
|
-
#
|
56
|
-
# `
|
57
|
-
# "
|
58
|
-
# `
|
59
|
-
#
|
60
|
-
#
|
61
|
-
#
|
62
|
-
# "log_type": "DATA_READ",
|
63
|
-
# "exempted_members": [
|
64
|
-
# "user:jose@example.com"
|
65
|
-
# ]
|
66
|
-
# `,
|
67
|
-
# `
|
68
|
-
# "log_type": "DATA_WRITE"
|
69
|
-
# `,
|
70
|
-
# `
|
71
|
-
# "log_type": "ADMIN_READ"
|
72
|
-
# `
|
73
|
-
# ]
|
74
|
-
# `,
|
75
|
-
# `
|
76
|
-
# "service": "sampleservice.googleapis.com",
|
77
|
-
# "audit_log_configs": [
|
78
|
-
# `
|
79
|
-
# "log_type": "DATA_READ"
|
80
|
-
# `,
|
81
|
-
# `
|
82
|
-
# "log_type": "DATA_WRITE",
|
83
|
-
# "exempted_members": [
|
84
|
-
# "user:aliya@example.com"
|
85
|
-
# ]
|
86
|
-
# `
|
87
|
-
# ]
|
88
|
-
# `
|
89
|
-
# ]
|
90
|
-
# `
|
91
|
-
# For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
|
92
|
-
# logging. It also exempts jose@example.com from DATA_READ logging, and
|
93
|
-
# aliya@example.com from DATA_WRITE logging.
|
47
|
+
# Specifies the audit configuration for a service. The configuration determines
|
48
|
+
# which permission types are logged, and what identities, if any, are exempted
|
49
|
+
# from logging. An AuditConfig must have one or more AuditLogConfigs. If there
|
50
|
+
# are AuditConfigs for both `allServices` and a specific service, the union of
|
51
|
+
# the two AuditConfigs is used for that service: the log_types specified in each
|
52
|
+
# AuditConfig are enabled, and the exempted_members in each AuditLogConfig are
|
53
|
+
# exempted. Example Policy with multiple AuditConfigs: ` "audit_configs": [ ` "
|
54
|
+
# service": "allServices", "audit_log_configs": [ ` "log_type": "DATA_READ", "
|
55
|
+
# exempted_members": [ "user:jose@example.com" ] `, ` "log_type": "DATA_WRITE" `,
|
56
|
+
# ` "log_type": "ADMIN_READ" ` ] `, ` "service": "sampleservice.googleapis.com",
|
57
|
+
# "audit_log_configs": [ ` "log_type": "DATA_READ" `, ` "log_type": "DATA_WRITE"
|
58
|
+
# , "exempted_members": [ "user:aliya@example.com" ] ` ] ` ] ` For sampleservice,
|
59
|
+
# this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also
|
60
|
+
# exempts jose@example.com from DATA_READ logging, and aliya@example.com from
|
61
|
+
# DATA_WRITE logging.
|
94
62
|
class AuditConfig
|
95
63
|
include Google::Apis::Core::Hashable
|
96
64
|
|
@@ -99,9 +67,9 @@ module Google
|
|
99
67
|
# @return [Array<Google::Apis::CloudresourcemanagerV1::AuditLogConfig>]
|
100
68
|
attr_accessor :audit_log_configs
|
101
69
|
|
102
|
-
# Specifies a service that will be enabled for audit logging.
|
103
|
-
#
|
104
|
-
#
|
70
|
+
# Specifies a service that will be enabled for audit logging. For example, `
|
71
|
+
# storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special
|
72
|
+
# value that covers all services.
|
105
73
|
# Corresponds to the JSON property `service`
|
106
74
|
# @return [String]
|
107
75
|
attr_accessor :service
|
@@ -117,28 +85,15 @@ module Google
|
|
117
85
|
end
|
118
86
|
end
|
119
87
|
|
120
|
-
# Provides the configuration for logging a type of permissions.
|
121
|
-
#
|
122
|
-
# `
|
123
|
-
#
|
124
|
-
#
|
125
|
-
# "log_type": "DATA_READ",
|
126
|
-
# "exempted_members": [
|
127
|
-
# "user:jose@example.com"
|
128
|
-
# ]
|
129
|
-
# `,
|
130
|
-
# `
|
131
|
-
# "log_type": "DATA_WRITE"
|
132
|
-
# `
|
133
|
-
# ]
|
134
|
-
# `
|
135
|
-
# This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
|
136
|
-
# jose@example.com from DATA_READ logging.
|
88
|
+
# Provides the configuration for logging a type of permissions. Example: ` "
|
89
|
+
# audit_log_configs": [ ` "log_type": "DATA_READ", "exempted_members": [ "user:
|
90
|
+
# jose@example.com" ] `, ` "log_type": "DATA_WRITE" ` ] ` This enables '
|
91
|
+
# DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from
|
92
|
+
# DATA_READ logging.
|
137
93
|
class AuditLogConfig
|
138
94
|
include Google::Apis::Core::Hashable
|
139
95
|
|
140
|
-
# Specifies the identities that do not cause logging for this type of
|
141
|
-
# permission.
|
96
|
+
# Specifies the identities that do not cause logging for this type of permission.
|
142
97
|
# Follows the same format of Binding.members.
|
143
98
|
# Corresponds to the JSON property `exemptedMembers`
|
144
99
|
# @return [Array<String>]
|
@@ -164,69 +119,57 @@ module Google
|
|
164
119
|
class Binding
|
165
120
|
include Google::Apis::Core::Hashable
|
166
121
|
|
167
|
-
# Represents a textual expression in the Common Expression Language (CEL)
|
168
|
-
#
|
169
|
-
#
|
170
|
-
#
|
171
|
-
#
|
172
|
-
# description: "Determines if
|
173
|
-
# expression: "document.
|
174
|
-
#
|
175
|
-
#
|
176
|
-
#
|
177
|
-
#
|
178
|
-
#
|
179
|
-
#
|
180
|
-
#
|
181
|
-
#
|
182
|
-
# Example (Data Manipulation):
|
183
|
-
# title: "Notification string"
|
184
|
-
# description: "Create a notification string with a timestamp."
|
185
|
-
# expression: "'New message received at ' + string(document.create_time)"
|
186
|
-
# The exact variables and functions that may be referenced within an expression
|
187
|
-
# are determined by the service that evaluates it. See the service
|
188
|
-
# documentation for additional information.
|
122
|
+
# Represents a textual expression in the Common Expression Language (CEL) syntax.
|
123
|
+
# CEL is a C-like expression language. The syntax and semantics of CEL are
|
124
|
+
# documented at https://github.com/google/cel-spec. Example (Comparison): title:
|
125
|
+
# "Summary size limit" description: "Determines if a summary is less than 100
|
126
|
+
# chars" expression: "document.summary.size() < 100" Example (Equality): title: "
|
127
|
+
# Requestor is owner" description: "Determines if requestor is the document
|
128
|
+
# owner" expression: "document.owner == request.auth.claims.email" Example (
|
129
|
+
# Logic): title: "Public documents" description: "Determine whether the document
|
130
|
+
# should be publicly visible" expression: "document.type != 'private' &&
|
131
|
+
# document.type != 'internal'" Example (Data Manipulation): title: "Notification
|
132
|
+
# string" description: "Create a notification string with a timestamp."
|
133
|
+
# expression: "'New message received at ' + string(document.create_time)" The
|
134
|
+
# exact variables and functions that may be referenced within an expression are
|
135
|
+
# determined by the service that evaluates it. See the service documentation for
|
136
|
+
# additional information.
|
189
137
|
# Corresponds to the JSON property `condition`
|
190
138
|
# @return [Google::Apis::CloudresourcemanagerV1::Expr]
|
191
139
|
attr_accessor :condition
|
192
140
|
|
193
|
-
# Specifies the identities requesting access for a Cloud Platform resource.
|
194
|
-
#
|
195
|
-
#
|
196
|
-
#
|
197
|
-
#
|
198
|
-
#
|
199
|
-
# * `
|
200
|
-
# account. For example, `
|
201
|
-
# * `
|
202
|
-
#
|
203
|
-
#
|
204
|
-
# For example, `
|
205
|
-
#
|
206
|
-
#
|
207
|
-
#
|
208
|
-
#
|
209
|
-
#
|
210
|
-
#
|
211
|
-
#
|
212
|
-
# deleted
|
213
|
-
#
|
214
|
-
# If the
|
215
|
-
# `
|
216
|
-
# role in the binding.
|
217
|
-
#
|
218
|
-
#
|
219
|
-
# deleted. For example, `admins@example.com?uid=123456789012345678901`. If
|
220
|
-
# the group is recovered, this value reverts to `group:`emailid`` and the
|
221
|
-
# recovered group retains the role in the binding.
|
222
|
-
# * `domain:`domain``: The G Suite domain (primary) that represents all the
|
223
|
-
# users of that domain. For example, `google.com` or `example.com`.
|
141
|
+
# Specifies the identities requesting access for a Cloud Platform resource. `
|
142
|
+
# members` can have the following values: * `allUsers`: A special identifier
|
143
|
+
# that represents anyone who is on the internet; with or without a Google
|
144
|
+
# account. * `allAuthenticatedUsers`: A special identifier that represents
|
145
|
+
# anyone who is authenticated with a Google account or a service account. * `
|
146
|
+
# user:`emailid``: An email address that represents a specific Google account.
|
147
|
+
# For example, `alice@example.com` . * `serviceAccount:`emailid``: An email
|
148
|
+
# address that represents a service account. For example, `my-other-app@appspot.
|
149
|
+
# gserviceaccount.com`. * `group:`emailid``: An email address that represents a
|
150
|
+
# Google group. For example, `admins@example.com`. * `deleted:user:`emailid`?uid=
|
151
|
+
# `uniqueid``: An email address (plus unique identifier) representing a user
|
152
|
+
# that has been recently deleted. For example, `alice@example.com?uid=
|
153
|
+
# 123456789012345678901`. If the user is recovered, this value reverts to `user:`
|
154
|
+
# emailid`` and the recovered user retains the role in the binding. * `deleted:
|
155
|
+
# serviceAccount:`emailid`?uid=`uniqueid``: An email address (plus unique
|
156
|
+
# identifier) representing a service account that has been recently deleted. For
|
157
|
+
# example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
|
158
|
+
# If the service account is undeleted, this value reverts to `serviceAccount:`
|
159
|
+
# emailid`` and the undeleted service account retains the role in the binding. *
|
160
|
+
# `deleted:group:`emailid`?uid=`uniqueid``: An email address (plus unique
|
161
|
+
# identifier) representing a Google group that has been recently deleted. For
|
162
|
+
# example, `admins@example.com?uid=123456789012345678901`. If the group is
|
163
|
+
# recovered, this value reverts to `group:`emailid`` and the recovered group
|
164
|
+
# retains the role in the binding. * `domain:`domain``: The G Suite domain (
|
165
|
+
# primary) that represents all the users of that domain. For example, `google.
|
166
|
+
# com` or `example.com`.
|
224
167
|
# Corresponds to the JSON property `members`
|
225
168
|
# @return [Array<String>]
|
226
169
|
attr_accessor :members
|
227
170
|
|
228
|
-
# Role that is assigned to `members`.
|
229
|
-
#
|
171
|
+
# Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`
|
172
|
+
# , or `roles/owner`.
|
230
173
|
# Corresponds to the JSON property `role`
|
231
174
|
# @return [String]
|
232
175
|
attr_accessor :role
|
@@ -243,10 +186,9 @@ module Google
|
|
243
186
|
end
|
244
187
|
end
|
245
188
|
|
246
|
-
# A `Constraint` that is either enforced or not.
|
247
|
-
#
|
248
|
-
#
|
249
|
-
# opened to that instance.
|
189
|
+
# A `Constraint` that is either enforced or not. For example a constraint `
|
190
|
+
# constraints/compute.disableSerialPortAccess`. If it is enforced on a VM
|
191
|
+
# instance, serial port connections will not be opened to that instance.
|
250
192
|
class BooleanConstraint
|
251
193
|
include Google::Apis::Core::Hashable
|
252
194
|
|
@@ -264,45 +206,29 @@ module Google
|
|
264
206
|
class BooleanPolicy
|
265
207
|
include Google::Apis::Core::Hashable
|
266
208
|
|
267
|
-
# If `true`, then the `Policy` is enforced. If `false`, then any
|
268
|
-
#
|
269
|
-
#
|
270
|
-
# `
|
271
|
-
#
|
272
|
-
#
|
273
|
-
# - If the `Policy` at this
|
274
|
-
# port connection attempts will be allowed.
|
275
|
-
# - If
|
276
|
-
# port connection attempts will be
|
277
|
-
#
|
278
|
-
#
|
279
|
-
#
|
280
|
-
#
|
281
|
-
#
|
282
|
-
#
|
283
|
-
#
|
284
|
-
#
|
285
|
-
#
|
286
|
-
# `organizations/foo` has a `Policy` with:
|
287
|
-
# `
|
288
|
-
#
|
289
|
-
#
|
290
|
-
# enforced.
|
291
|
-
# Example 2 (enforcement gets replaced):
|
292
|
-
# `organizations/foo` has a `Policy` with:
|
293
|
-
# `enforced: false`
|
294
|
-
# `projects/bar` has a `Policy` with:
|
295
|
-
# `enforced: true`
|
296
|
-
# The constraint at `organizations/foo` is not enforced.
|
297
|
-
# The constraint at `projects/bar` is enforced.
|
298
|
-
# Example 3 (RestoreDefault):
|
299
|
-
# `organizations/foo` has a `Policy` with:
|
300
|
-
# `enforced: true`
|
301
|
-
# `projects/bar` has a `Policy` with:
|
302
|
-
# `RestoreDefault: ```
|
303
|
-
# The constraint at `organizations/foo` is enforced.
|
304
|
-
# The constraint at `projects/bar` is not enforced, because
|
305
|
-
# `constraint_default` for the `Constraint` is `ALLOW`.
|
209
|
+
# If `true`, then the `Policy` is enforced. If `false`, then any configuration
|
210
|
+
# is acceptable. Suppose you have a `Constraint` `constraints/compute.
|
211
|
+
# disableSerialPortAccess` with `constraint_default` set to `ALLOW`. A `Policy`
|
212
|
+
# for that `Constraint` exhibits the following behavior: - If the `Policy` at
|
213
|
+
# this resource has enforced set to `false`, serial port connection attempts
|
214
|
+
# will be allowed. - If the `Policy` at this resource has enforced set to `true`,
|
215
|
+
# serial port connection attempts will be refused. - If the `Policy` at this
|
216
|
+
# resource is `RestoreDefault`, serial port connection attempts will be allowed.
|
217
|
+
# - If no `Policy` is set at this resource or anywhere higher in the resource
|
218
|
+
# hierarchy, serial port connection attempts will be allowed. - If no `Policy`
|
219
|
+
# is set at this resource, but one exists higher in the resource hierarchy, the
|
220
|
+
# behavior is as if the`Policy` were set at this resource. The following
|
221
|
+
# examples demonstrate the different possible layerings: Example 1 (nearest `
|
222
|
+
# Constraint` wins): `organizations/foo` has a `Policy` with: `enforced: false` `
|
223
|
+
# projects/bar` has no `Policy` set. The constraint at `projects/bar` and `
|
224
|
+
# organizations/foo` will not be enforced. Example 2 (enforcement gets replaced):
|
225
|
+
# `organizations/foo` has a `Policy` with: `enforced: false` `projects/bar` has
|
226
|
+
# a `Policy` with: `enforced: true` The constraint at `organizations/foo` is not
|
227
|
+
# enforced. The constraint at `projects/bar` is enforced. Example 3 (
|
228
|
+
# RestoreDefault): `organizations/foo` has a `Policy` with: `enforced: true` `
|
229
|
+
# projects/bar` has a `Policy` with: `RestoreDefault: ``` The constraint at `
|
230
|
+
# organizations/foo` is enforced. The constraint at `projects/bar` is not
|
231
|
+
# enforced, because `constraint_default` for the `Constraint` is `ALLOW`.
|
306
232
|
# Corresponds to the JSON property `enforced`
|
307
233
|
# @return [Boolean]
|
308
234
|
attr_accessor :enforced
|
@@ -327,8 +253,8 @@ module Google
|
|
327
253
|
# @return [String]
|
328
254
|
attr_accessor :constraint
|
329
255
|
|
330
|
-
# The current version, for concurrency control. Not sending an `etag`
|
331
|
-
#
|
256
|
+
# The current version, for concurrency control. Not sending an `etag` will cause
|
257
|
+
# the `Policy` to be cleared blindly.
|
332
258
|
# Corresponds to the JSON property `etag`
|
333
259
|
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
334
260
|
# @return [String]
|
@@ -347,24 +273,22 @@ module Google
|
|
347
273
|
|
348
274
|
# A `Constraint` describes a way in which a resource's configuration can be
|
349
275
|
# restricted. For example, it controls which cloud services can be activated
|
350
|
-
# across an organization, or whether a Compute Engine instance can have
|
351
|
-
#
|
276
|
+
# across an organization, or whether a Compute Engine instance can have serial
|
277
|
+
# port connections established. `Constraints` can be configured by the
|
352
278
|
# organization's policy administrator to fit the needs of the organzation by
|
353
|
-
# setting Policies for `Constraints` at different locations in the
|
354
|
-
#
|
355
|
-
#
|
356
|
-
#
|
357
|
-
# [Policies](/resource-manager/reference/rest/v1/Policy).
|
279
|
+
# setting Policies for `Constraints` at different locations in the organization'
|
280
|
+
# s resource hierarchy. Policies are inherited down the resource hierarchy from
|
281
|
+
# higher levels, but can also be overridden. For details about the inheritance
|
282
|
+
# rules please read about [Policies](/resource-manager/reference/rest/v1/Policy).
|
358
283
|
# `Constraints` have a default behavior determined by the `constraint_default`
|
359
|
-
# field, which is the enforcement behavior that is used in the absence of a
|
360
|
-
#
|
284
|
+
# field, which is the enforcement behavior that is used in the absence of a `
|
285
|
+
# Policy` being defined or inherited for the resource in question.
|
361
286
|
class Constraint
|
362
287
|
include Google::Apis::Core::Hashable
|
363
288
|
|
364
|
-
# A `Constraint` that is either enforced or not.
|
365
|
-
#
|
366
|
-
#
|
367
|
-
# opened to that instance.
|
289
|
+
# A `Constraint` that is either enforced or not. For example a constraint `
|
290
|
+
# constraints/compute.disableSerialPortAccess`. If it is enforced on a VM
|
291
|
+
# instance, serial port connections will not be opened to that instance.
|
368
292
|
# Corresponds to the JSON property `booleanConstraint`
|
369
293
|
# @return [Google::Apis::CloudresourcemanagerV1::BooleanConstraint]
|
370
294
|
attr_accessor :boolean_constraint
|
@@ -375,14 +299,12 @@ module Google
|
|
375
299
|
attr_accessor :constraint_default
|
376
300
|
|
377
301
|
# Detailed description of what this `Constraint` controls as well as how and
|
378
|
-
# where it is enforced.
|
379
|
-
# Mutable.
|
302
|
+
# where it is enforced. Mutable.
|
380
303
|
# Corresponds to the JSON property `description`
|
381
304
|
# @return [String]
|
382
305
|
attr_accessor :description
|
383
306
|
|
384
|
-
# The human readable name.
|
385
|
-
# Mutable.
|
307
|
+
# The human readable name. Mutable.
|
386
308
|
# Corresponds to the JSON property `displayName`
|
387
309
|
# @return [String]
|
388
310
|
attr_accessor :display_name
|
@@ -393,8 +315,8 @@ module Google
|
|
393
315
|
# @return [Google::Apis::CloudresourcemanagerV1::ListConstraint]
|
394
316
|
attr_accessor :list_constraint
|
395
317
|
|
396
|
-
# Immutable value, required to globally be unique. For example,
|
397
|
-
#
|
318
|
+
# Immutable value, required to globally be unique. For example, `constraints/
|
319
|
+
# serviceuser.services`
|
398
320
|
# Corresponds to the JSON property `name`
|
399
321
|
# @return [String]
|
400
322
|
attr_accessor :name
|
@@ -420,13 +342,11 @@ module Google
|
|
420
342
|
end
|
421
343
|
end
|
422
344
|
|
423
|
-
# A generic empty message that you can re-use to avoid defining duplicated
|
424
|
-
#
|
425
|
-
#
|
426
|
-
#
|
427
|
-
#
|
428
|
-
# `
|
429
|
-
# The JSON representation for `Empty` is empty JSON object ````.
|
345
|
+
# A generic empty message that you can re-use to avoid defining duplicated empty
|
346
|
+
# messages in your APIs. A typical example is to use it as the request or the
|
347
|
+
# response type of an API method. For instance: service Foo ` rpc Bar(google.
|
348
|
+
# protobuf.Empty) returns (google.protobuf.Empty); ` The JSON representation for
|
349
|
+
# `Empty` is empty JSON object ````.
|
430
350
|
class Empty
|
431
351
|
include Google::Apis::Core::Hashable
|
432
352
|
|
@@ -439,52 +359,43 @@ module Google
|
|
439
359
|
end
|
440
360
|
end
|
441
361
|
|
442
|
-
# Represents a textual expression in the Common Expression Language (CEL)
|
443
|
-
#
|
444
|
-
#
|
445
|
-
#
|
446
|
-
#
|
447
|
-
# description: "Determines if
|
448
|
-
# expression: "document.
|
449
|
-
#
|
450
|
-
#
|
451
|
-
#
|
452
|
-
#
|
453
|
-
#
|
454
|
-
#
|
455
|
-
#
|
456
|
-
#
|
457
|
-
# Example (Data Manipulation):
|
458
|
-
# title: "Notification string"
|
459
|
-
# description: "Create a notification string with a timestamp."
|
460
|
-
# expression: "'New message received at ' + string(document.create_time)"
|
461
|
-
# The exact variables and functions that may be referenced within an expression
|
462
|
-
# are determined by the service that evaluates it. See the service
|
463
|
-
# documentation for additional information.
|
362
|
+
# Represents a textual expression in the Common Expression Language (CEL) syntax.
|
363
|
+
# CEL is a C-like expression language. The syntax and semantics of CEL are
|
364
|
+
# documented at https://github.com/google/cel-spec. Example (Comparison): title:
|
365
|
+
# "Summary size limit" description: "Determines if a summary is less than 100
|
366
|
+
# chars" expression: "document.summary.size() < 100" Example (Equality): title: "
|
367
|
+
# Requestor is owner" description: "Determines if requestor is the document
|
368
|
+
# owner" expression: "document.owner == request.auth.claims.email" Example (
|
369
|
+
# Logic): title: "Public documents" description: "Determine whether the document
|
370
|
+
# should be publicly visible" expression: "document.type != 'private' &&
|
371
|
+
# document.type != 'internal'" Example (Data Manipulation): title: "Notification
|
372
|
+
# string" description: "Create a notification string with a timestamp."
|
373
|
+
# expression: "'New message received at ' + string(document.create_time)" The
|
374
|
+
# exact variables and functions that may be referenced within an expression are
|
375
|
+
# determined by the service that evaluates it. See the service documentation for
|
376
|
+
# additional information.
|
464
377
|
class Expr
|
465
378
|
include Google::Apis::Core::Hashable
|
466
379
|
|
467
|
-
# Optional. Description of the expression. This is a longer text which
|
468
|
-
#
|
380
|
+
# Optional. Description of the expression. This is a longer text which describes
|
381
|
+
# the expression, e.g. when hovered over it in a UI.
|
469
382
|
# Corresponds to the JSON property `description`
|
470
383
|
# @return [String]
|
471
384
|
attr_accessor :description
|
472
385
|
|
473
|
-
# Textual representation of an expression in Common Expression Language
|
474
|
-
# syntax.
|
386
|
+
# Textual representation of an expression in Common Expression Language syntax.
|
475
387
|
# Corresponds to the JSON property `expression`
|
476
388
|
# @return [String]
|
477
389
|
attr_accessor :expression
|
478
390
|
|
479
|
-
# Optional. String indicating the location of the expression for error
|
480
|
-
#
|
391
|
+
# Optional. String indicating the location of the expression for error reporting,
|
392
|
+
# e.g. a file name and a position in the file.
|
481
393
|
# Corresponds to the JSON property `location`
|
482
394
|
# @return [String]
|
483
395
|
attr_accessor :location
|
484
396
|
|
485
|
-
# Optional. Title for the expression, i.e. a short string describing
|
486
|
-
#
|
487
|
-
# expression.
|
397
|
+
# Optional. Title for the expression, i.e. a short string describing its purpose.
|
398
|
+
# This can be used e.g. in UIs which allow to enter the expression.
|
488
399
|
# Corresponds to the JSON property `title`
|
489
400
|
# @return [String]
|
490
401
|
attr_accessor :title
|
@@ -506,8 +417,8 @@ module Google
|
|
506
417
|
class FolderOperation
|
507
418
|
include Google::Apis::Core::Hashable
|
508
419
|
|
509
|
-
# The resource name of the folder or organization we are either creating
|
510
|
-
#
|
420
|
+
# The resource name of the folder or organization we are either creating the
|
421
|
+
# folder under or moving the folder to.
|
511
422
|
# Corresponds to the JSON property `destinationParent`
|
512
423
|
# @return [String]
|
513
424
|
attr_accessor :destination_parent
|
@@ -522,8 +433,8 @@ module Google
|
|
522
433
|
# @return [String]
|
523
434
|
attr_accessor :operation_type
|
524
435
|
|
525
|
-
# The resource name of the folder's parent.
|
526
|
-
#
|
436
|
+
# The resource name of the folder's parent. Only applicable when the
|
437
|
+
# operation_type is MOVE.
|
527
438
|
# Corresponds to the JSON property `sourceParent`
|
528
439
|
# @return [String]
|
529
440
|
attr_accessor :source_parent
|
@@ -560,9 +471,7 @@ module Google
|
|
560
471
|
end
|
561
472
|
end
|
562
473
|
|
563
|
-
# The request sent to the
|
564
|
-
# GetAncestry
|
565
|
-
# method.
|
474
|
+
# The request sent to the GetAncestry method.
|
566
475
|
class GetAncestryRequest
|
567
476
|
include Google::Apis::Core::Hashable
|
568
477
|
|
@@ -575,15 +484,12 @@ module Google
|
|
575
484
|
end
|
576
485
|
end
|
577
486
|
|
578
|
-
# Response from the
|
579
|
-
# projects.getAncestry
|
580
|
-
# method.
|
487
|
+
# Response from the projects.getAncestry method.
|
581
488
|
class GetAncestryResponse
|
582
489
|
include Google::Apis::Core::Hashable
|
583
490
|
|
584
|
-
# Ancestors are ordered from bottom to top of the resource hierarchy. The
|
585
|
-
#
|
586
|
-
# etc..
|
491
|
+
# Ancestors are ordered from bottom to top of the resource hierarchy. The first
|
492
|
+
# ancestor is the project itself, followed by the project's parent, etc..
|
587
493
|
# Corresponds to the JSON property `ancestor`
|
588
494
|
# @return [Array<Google::Apis::CloudresourcemanagerV1::Ancestor>]
|
589
495
|
attr_accessor :ancestor
|
@@ -659,15 +565,13 @@ module Google
|
|
659
565
|
class GetPolicyOptions
|
660
566
|
include Google::Apis::Core::Hashable
|
661
567
|
|
662
|
-
# Optional. The policy format version to be returned.
|
663
|
-
#
|
664
|
-
#
|
665
|
-
#
|
666
|
-
#
|
667
|
-
#
|
668
|
-
#
|
669
|
-
# [IAM
|
670
|
-
# documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
568
|
+
# Optional. The policy format version to be returned. Valid values are 0, 1, and
|
569
|
+
# 3. Requests specifying an invalid value will be rejected. Requests for
|
570
|
+
# policies with any conditional bindings must specify version 3. Policies
|
571
|
+
# without any conditional bindings may specify any valid value or leave the
|
572
|
+
# field unset. To learn which resources support conditions in their IAM policies,
|
573
|
+
# see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
|
574
|
+
# resource-policies).
|
671
575
|
# Corresponds to the JSON property `requestedPolicyVersion`
|
672
576
|
# @return [Fixnum]
|
673
577
|
attr_accessor :requested_policy_version
|
@@ -692,39 +596,35 @@ module Google
|
|
692
596
|
# @return [String]
|
693
597
|
attr_accessor :create_time
|
694
598
|
|
695
|
-
# A system-generated unique identifier for this Lien.
|
696
|
-
# Example: `liens/1234abcd`
|
599
|
+
# A system-generated unique identifier for this Lien. Example: `liens/1234abcd`
|
697
600
|
# Corresponds to the JSON property `name`
|
698
601
|
# @return [String]
|
699
602
|
attr_accessor :name
|
700
603
|
|
701
|
-
# A stable, user-visible/meaningful string identifying the origin of the
|
702
|
-
#
|
703
|
-
# characters.
|
604
|
+
# A stable, user-visible/meaningful string identifying the origin of the Lien,
|
605
|
+
# intended to be inspected programmatically. Maximum length of 200 characters.
|
704
606
|
# Example: 'compute.googleapis.com'
|
705
607
|
# Corresponds to the JSON property `origin`
|
706
608
|
# @return [String]
|
707
609
|
attr_accessor :origin
|
708
610
|
|
709
|
-
# A reference to the resource this Lien is attached to. The server will
|
710
|
-
#
|
711
|
-
#
|
611
|
+
# A reference to the resource this Lien is attached to. The server will validate
|
612
|
+
# the parent against those for which Liens are supported. Example: `projects/
|
613
|
+
# 1234`
|
712
614
|
# Corresponds to the JSON property `parent`
|
713
615
|
# @return [String]
|
714
616
|
attr_accessor :parent
|
715
617
|
|
716
|
-
# Concise user-visible strings indicating why an action cannot be performed
|
717
|
-
#
|
718
|
-
# Example: 'Holds production API key'
|
618
|
+
# Concise user-visible strings indicating why an action cannot be performed on a
|
619
|
+
# resource. Maximum length of 200 characters. Example: 'Holds production API key'
|
719
620
|
# Corresponds to the JSON property `reason`
|
720
621
|
# @return [String]
|
721
622
|
attr_accessor :reason
|
722
623
|
|
723
|
-
# The types of operations which should be blocked as a result of this Lien.
|
724
|
-
#
|
725
|
-
#
|
726
|
-
#
|
727
|
-
# Example: ['resourcemanager.projects.delete']
|
624
|
+
# The types of operations which should be blocked as a result of this Lien. Each
|
625
|
+
# value should correspond to an IAM permission. The server will validate the
|
626
|
+
# permissions against those for which Liens are supported. An empty list is
|
627
|
+
# meaningless and will be rejected. Example: ['resourcemanager.projects.delete']
|
728
628
|
# Corresponds to the JSON property `restrictions`
|
729
629
|
# @return [Array<String>]
|
730
630
|
attr_accessor :restrictions
|
@@ -749,15 +649,14 @@ module Google
|
|
749
649
|
class ListAvailableOrgPolicyConstraintsRequest
|
750
650
|
include Google::Apis::Core::Hashable
|
751
651
|
|
752
|
-
# Size of the pages to be returned. This is currently unsupported and will
|
753
|
-
#
|
754
|
-
# page size.
|
652
|
+
# Size of the pages to be returned. This is currently unsupported and will be
|
653
|
+
# ignored. The server may at any point start using this field to limit page size.
|
755
654
|
# Corresponds to the JSON property `pageSize`
|
756
655
|
# @return [Fixnum]
|
757
656
|
attr_accessor :page_size
|
758
657
|
|
759
|
-
# Page token used to retrieve the next page. This is currently unsupported
|
760
|
-
#
|
658
|
+
# Page token used to retrieve the next page. This is currently unsupported and
|
659
|
+
# will be ignored. The server may at any point start using this field.
|
761
660
|
# Corresponds to the JSON property `pageToken`
|
762
661
|
# @return [String]
|
763
662
|
attr_accessor :page_token
|
@@ -774,8 +673,8 @@ module Google
|
|
774
673
|
end
|
775
674
|
|
776
675
|
# The response returned from the `ListAvailableOrgPolicyConstraints` method.
|
777
|
-
# Returns all `Constraints` that could be set at this level of the hierarchy
|
778
|
-
#
|
676
|
+
# Returns all `Constraints` that could be set at this level of the hierarchy (
|
677
|
+
# contrast with the response from `ListPolicies`, which returns all policies
|
779
678
|
# which are set).
|
780
679
|
class ListAvailableOrgPolicyConstraintsResponse
|
781
680
|
include Google::Apis::Core::Hashable
|
@@ -806,16 +705,15 @@ module Google
|
|
806
705
|
class ListConstraint
|
807
706
|
include Google::Apis::Core::Hashable
|
808
707
|
|
809
|
-
# Optional. The Google Cloud Console will try to default to a configuration
|
810
|
-
#
|
708
|
+
# Optional. The Google Cloud Console will try to default to a configuration that
|
709
|
+
# matches the value specified in this `Constraint`.
|
811
710
|
# Corresponds to the JSON property `suggestedValue`
|
812
711
|
# @return [String]
|
813
712
|
attr_accessor :suggested_value
|
814
713
|
|
815
|
-
# Indicates whether subtrees of Cloud Resource Manager resource hierarchy
|
816
|
-
#
|
817
|
-
#
|
818
|
-
# 'folders/123' folder.
|
714
|
+
# Indicates whether subtrees of Cloud Resource Manager resource hierarchy can be
|
715
|
+
# used in `Policy.allowed_values` and `Policy.denied_values`. For example, `"
|
716
|
+
# under:folders/123"` would match any resource under the 'folders/123' folder.
|
819
717
|
# Corresponds to the JSON property `supportsUnder`
|
820
718
|
# @return [Boolean]
|
821
719
|
attr_accessor :supports_under
|
@@ -862,15 +760,14 @@ module Google
|
|
862
760
|
class ListOrgPoliciesRequest
|
863
761
|
include Google::Apis::Core::Hashable
|
864
762
|
|
865
|
-
# Size of the pages to be returned. This is currently unsupported and will
|
866
|
-
#
|
867
|
-
# page size.
|
763
|
+
# Size of the pages to be returned. This is currently unsupported and will be
|
764
|
+
# ignored. The server may at any point start using this field to limit page size.
|
868
765
|
# Corresponds to the JSON property `pageSize`
|
869
766
|
# @return [Fixnum]
|
870
767
|
attr_accessor :page_size
|
871
768
|
|
872
|
-
# Page token used to retrieve the next page. This is currently unsupported
|
873
|
-
#
|
769
|
+
# Page token used to retrieve the next page. This is currently unsupported and
|
770
|
+
# will be ignored. The server may at any point start using this field.
|
874
771
|
# Corresponds to the JSON property `pageToken`
|
875
772
|
# @return [String]
|
876
773
|
attr_accessor :page_token
|
@@ -886,19 +783,19 @@ module Google
|
|
886
783
|
end
|
887
784
|
end
|
888
785
|
|
889
|
-
# The response returned from the `ListOrgPolicies` method. It will be empty
|
890
|
-
#
|
786
|
+
# The response returned from the `ListOrgPolicies` method. It will be empty if
|
787
|
+
# no `Policies` are set on the resource.
|
891
788
|
class ListOrgPoliciesResponse
|
892
789
|
include Google::Apis::Core::Hashable
|
893
790
|
|
894
|
-
# Page token used to retrieve the next page. This is currently not used, but
|
895
|
-
#
|
791
|
+
# Page token used to retrieve the next page. This is currently not used, but the
|
792
|
+
# server may at any point start supplying a valid token.
|
896
793
|
# Corresponds to the JSON property `nextPageToken`
|
897
794
|
# @return [String]
|
898
795
|
attr_accessor :next_page_token
|
899
796
|
|
900
|
-
# The `Policies` that are set on the resource. It will be empty if no
|
901
|
-
#
|
797
|
+
# The `Policies` that are set on the resource. It will be empty if no `Policies`
|
798
|
+
# are set.
|
902
799
|
# Corresponds to the JSON property `policies`
|
903
800
|
# @return [Array<Google::Apis::CloudresourcemanagerV1::OrgPolicy>]
|
904
801
|
attr_accessor :policies
|
@@ -914,26 +811,22 @@ module Google
|
|
914
811
|
end
|
915
812
|
end
|
916
813
|
|
917
|
-
# Used in `policy_type` to specify how `list_policy` behaves at this
|
918
|
-
#
|
919
|
-
#
|
920
|
-
#
|
921
|
-
#
|
922
|
-
#
|
923
|
-
#
|
924
|
-
#
|
925
|
-
#
|
926
|
-
#
|
927
|
-
#
|
928
|
-
#
|
929
|
-
#
|
930
|
-
#
|
931
|
-
#
|
932
|
-
#
|
933
|
-
# `denied_values` in the same `Policy` if `all_values` is
|
934
|
-
# `ALL_VALUES_UNSPECIFIED`. `ALLOW` or `DENY` are used to allow or deny all
|
935
|
-
# values. If `all_values` is set to either `ALLOW` or `DENY`,
|
936
|
-
# `allowed_values` and `denied_values` must be unset.
|
814
|
+
# Used in `policy_type` to specify how `list_policy` behaves at this resource. `
|
815
|
+
# ListPolicy` can define specific values and subtrees of Cloud Resource Manager
|
816
|
+
# resource hierarchy (`Organizations`, `Folders`, `Projects`) that are allowed
|
817
|
+
# or denied by setting the `allowed_values` and `denied_values` fields. This is
|
818
|
+
# achieved by using the `under:` and optional `is:` prefixes. The `under:`
|
819
|
+
# prefix is used to denote resource subtree values. The `is:` prefix is used to
|
820
|
+
# denote specific values, and is required only if the value contains a ":".
|
821
|
+
# Values prefixed with "is:" are treated the same as values with no prefix.
|
822
|
+
# Ancestry subtrees must be in one of the following formats: - "projects/", e.g.
|
823
|
+
# "projects/tokyo-rain-123" - "folders/", e.g. "folders/1234" - "organizations/",
|
824
|
+
# e.g. "organizations/1234" The `supports_under` field of the associated `
|
825
|
+
# Constraint` defines whether ancestry prefixes can be used. You can set `
|
826
|
+
# allowed_values` and `denied_values` in the same `Policy` if `all_values` is `
|
827
|
+
# ALL_VALUES_UNSPECIFIED`. `ALLOW` or `DENY` are used to allow or deny all
|
828
|
+
# values. If `all_values` is set to either `ALLOW` or `DENY`, `allowed_values`
|
829
|
+
# and `denied_values` must be unset.
|
937
830
|
class ListPolicy
|
938
831
|
include Google::Apis::Core::Hashable
|
939
832
|
|
@@ -942,112 +835,83 @@ module Google
|
|
942
835
|
# @return [String]
|
943
836
|
attr_accessor :all_values
|
944
837
|
|
945
|
-
# List of values allowed
|
946
|
-
#
|
838
|
+
# List of values allowed at this resource. Can only be set if `all_values` is
|
839
|
+
# set to `ALL_VALUES_UNSPECIFIED`.
|
947
840
|
# Corresponds to the JSON property `allowedValues`
|
948
841
|
# @return [Array<String>]
|
949
842
|
attr_accessor :allowed_values
|
950
843
|
|
951
|
-
# List of values denied at this resource. Can only be set if `all_values`
|
952
|
-
#
|
844
|
+
# List of values denied at this resource. Can only be set if `all_values` is set
|
845
|
+
# to `ALL_VALUES_UNSPECIFIED`.
|
953
846
|
# Corresponds to the JSON property `deniedValues`
|
954
847
|
# @return [Array<String>]
|
955
848
|
attr_accessor :denied_values
|
956
849
|
|
957
|
-
# Determines the inheritance behavior for this `Policy`.
|
958
|
-
#
|
959
|
-
#
|
960
|
-
#
|
961
|
-
#
|
962
|
-
#
|
963
|
-
#
|
964
|
-
#
|
965
|
-
#
|
966
|
-
#
|
967
|
-
#
|
968
|
-
#
|
969
|
-
#
|
970
|
-
#
|
971
|
-
#
|
972
|
-
#
|
973
|
-
#
|
974
|
-
#
|
975
|
-
# `
|
976
|
-
#
|
977
|
-
#
|
978
|
-
# `
|
979
|
-
#
|
980
|
-
# `organizations/foo` has a `Policy`
|
981
|
-
# `allowed_values: "E1" allowed_values:"E2"`
|
982
|
-
# `
|
983
|
-
# `
|
984
|
-
#
|
985
|
-
#
|
986
|
-
#
|
987
|
-
# `organizations/foo`
|
988
|
-
# `
|
989
|
-
#
|
990
|
-
#
|
991
|
-
# The accepted values at `organizations/foo` are `E1`, `E2`.
|
992
|
-
# The accepted values at `projects/bar` are
|
993
|
-
#
|
994
|
-
# `organizations/foo` has
|
995
|
-
# `
|
996
|
-
#
|
997
|
-
# `
|
998
|
-
#
|
999
|
-
#
|
1000
|
-
#
|
1001
|
-
# `organizations/foo` has a `Policy`
|
1002
|
-
# `allowed_values: "E1" allowed_values:"E2"`
|
1003
|
-
# `
|
1004
|
-
# `
|
1005
|
-
#
|
1006
|
-
#
|
1007
|
-
#
|
1008
|
-
# `
|
1009
|
-
#
|
1010
|
-
#
|
1011
|
-
# `projects/bar`
|
1012
|
-
#
|
1013
|
-
# the value of `constraint_default` (if `ALLOW`, all; if
|
1014
|
-
# `DENY`, none).
|
1015
|
-
# Example 6 (ListConstraint allowing all):
|
1016
|
-
# `organizations/foo` has a `Policy` with values:
|
1017
|
-
# `allowed_values: "E1" allowed_values: "E2"`
|
1018
|
-
# `projects/bar` has a `Policy` with:
|
1019
|
-
# `all: ALLOW`
|
1020
|
-
# The accepted values at `organizations/foo` are `E1`, E2`.
|
1021
|
-
# Any value is accepted at `projects/bar`.
|
1022
|
-
# Example 7 (ListConstraint allowing none):
|
1023
|
-
# `organizations/foo` has a `Policy` with values:
|
1024
|
-
# `allowed_values: "E1" allowed_values: "E2"`
|
1025
|
-
# `projects/bar` has a `Policy` with:
|
1026
|
-
# `all: DENY`
|
1027
|
-
# The accepted values at `organizations/foo` are `E1`, E2`.
|
1028
|
-
# No value is accepted at `projects/bar`.
|
1029
|
-
# Example 10 (allowed and denied subtrees of Resource Manager hierarchy):
|
1030
|
-
# Given the following resource hierarchy
|
1031
|
-
# O1->`F1, F2`; F1->`P1`; F2->`P2, P3`,
|
1032
|
-
# `organizations/foo` has a `Policy` with values:
|
1033
|
-
# `allowed_values: "under:organizations/O1"`
|
1034
|
-
# `projects/bar` has a `Policy` with:
|
1035
|
-
# `allowed_values: "under:projects/P3"`
|
1036
|
-
# `denied_values: "under:folders/F2"`
|
1037
|
-
# The accepted values at `organizations/foo` are `organizations/O1`,
|
1038
|
-
# `folders/F1`, `folders/F2`, `projects/P1`, `projects/P2`,
|
1039
|
-
# `projects/P3`.
|
1040
|
-
# The accepted values at `projects/bar` are `organizations/O1`,
|
1041
|
-
# `folders/F1`, `projects/P1`.
|
850
|
+
# Determines the inheritance behavior for this `Policy`. By default, a `
|
851
|
+
# ListPolicy` set at a resource supersedes any `Policy` set anywhere up the
|
852
|
+
# resource hierarchy. However, if `inherit_from_parent` is set to `true`, then
|
853
|
+
# the values from the effective `Policy` of the parent resource are inherited,
|
854
|
+
# meaning the values set in this `Policy` are added to the values inherited up
|
855
|
+
# the hierarchy. Setting `Policy` hierarchies that inherit both allowed values
|
856
|
+
# and denied values isn't recommended in most circumstances to keep the
|
857
|
+
# configuration simple and understandable. However, it is possible to set a `
|
858
|
+
# Policy` with `allowed_values` set that inherits a `Policy` with `denied_values`
|
859
|
+
# set. In this case, the values that are allowed must be in `allowed_values`
|
860
|
+
# and not present in `denied_values`. For example, suppose you have a `
|
861
|
+
# Constraint` `constraints/serviceuser.services`, which has a `constraint_type`
|
862
|
+
# of `list_constraint`, and with `constraint_default` set to `ALLOW`. Suppose
|
863
|
+
# that at the Organization level, a `Policy` is applied that restricts the
|
864
|
+
# allowed API activations to ``E1`, `E2``. Then, if a `Policy` is applied to a
|
865
|
+
# project below the Organization that has `inherit_from_parent` set to `false`
|
866
|
+
# and field all_values set to DENY, then an attempt to activate any API will be
|
867
|
+
# denied. The following examples demonstrate different possible layerings for `
|
868
|
+
# projects/bar` parented by `organizations/foo`: Example 1 (no inherited values):
|
869
|
+
# `organizations/foo` has a `Policy` with values: `allowed_values: "E1"
|
870
|
+
# allowed_values:"E2"` `projects/bar` has `inherit_from_parent` `false` and
|
871
|
+
# values: `allowed_values: "E3" allowed_values: "E4"` The accepted values at `
|
872
|
+
# organizations/foo` are `E1`, `E2`. The accepted values at `projects/bar` are `
|
873
|
+
# E3`, and `E4`. Example 2 (inherited values): `organizations/foo` has a `Policy`
|
874
|
+
# with values: `allowed_values: "E1" allowed_values:"E2"` `projects/bar` has a `
|
875
|
+
# Policy` with values: `value: "E3" value: "E4" inherit_from_parent: true` The
|
876
|
+
# accepted values at `organizations/foo` are `E1`, `E2`. The accepted values at `
|
877
|
+
# projects/bar` are `E1`, `E2`, `E3`, and `E4`. Example 3 (inheriting both
|
878
|
+
# allowed and denied values): `organizations/foo` has a `Policy` with values: `
|
879
|
+
# allowed_values: "E1" allowed_values: "E2"` `projects/bar` has a `Policy` with:
|
880
|
+
# `denied_values: "E1"` The accepted values at `organizations/foo` are `E1`, `E2`
|
881
|
+
# . The value accepted at `projects/bar` is `E2`. Example 4 (RestoreDefault): `
|
882
|
+
# organizations/foo` has a `Policy` with values: `allowed_values: "E1"
|
883
|
+
# allowed_values:"E2"` `projects/bar` has a `Policy` with values: `
|
884
|
+
# RestoreDefault: ``` The accepted values at `organizations/foo` are `E1`, `E2`.
|
885
|
+
# The accepted values at `projects/bar` are either all or none depending on the
|
886
|
+
# value of `constraint_default` (if `ALLOW`, all; if `DENY`, none). Example 5 (
|
887
|
+
# no policy inherits parent policy): `organizations/foo` has no `Policy` set. `
|
888
|
+
# projects/bar` has no `Policy` set. The accepted values at both levels are
|
889
|
+
# either all or none depending on the value of `constraint_default` (if `ALLOW`,
|
890
|
+
# all; if `DENY`, none). Example 6 (ListConstraint allowing all): `organizations/
|
891
|
+
# foo` has a `Policy` with values: `allowed_values: "E1" allowed_values: "E2"` `
|
892
|
+
# projects/bar` has a `Policy` with: `all: ALLOW` The accepted values at `
|
893
|
+
# organizations/foo` are `E1`, E2`. Any value is accepted at `projects/bar`.
|
894
|
+
# Example 7 (ListConstraint allowing none): `organizations/foo` has a `Policy`
|
895
|
+
# with values: `allowed_values: "E1" allowed_values: "E2"` `projects/bar` has a `
|
896
|
+
# Policy` with: `all: DENY` The accepted values at `organizations/foo` are `E1`,
|
897
|
+
# E2`. No value is accepted at `projects/bar`. Example 10 (allowed and denied
|
898
|
+
# subtrees of Resource Manager hierarchy): Given the following resource
|
899
|
+
# hierarchy O1->`F1, F2`; F1->`P1`; F2->`P2, P3`, `organizations/foo` has a `
|
900
|
+
# Policy` with values: `allowed_values: "under:organizations/O1"` `projects/bar`
|
901
|
+
# has a `Policy` with: `allowed_values: "under:projects/P3"` `denied_values: "
|
902
|
+
# under:folders/F2"` The accepted values at `organizations/foo` are `
|
903
|
+
# organizations/O1`, `folders/F1`, `folders/F2`, `projects/P1`, `projects/P2`, `
|
904
|
+
# projects/P3`. The accepted values at `projects/bar` are `organizations/O1`, `
|
905
|
+
# folders/F1`, `projects/P1`.
|
1042
906
|
# Corresponds to the JSON property `inheritFromParent`
|
1043
907
|
# @return [Boolean]
|
1044
908
|
attr_accessor :inherit_from_parent
|
1045
909
|
alias_method :inherit_from_parent?, :inherit_from_parent
|
1046
910
|
|
1047
|
-
# Optional. The Google Cloud Console will try to default to a configuration
|
1048
|
-
#
|
1049
|
-
#
|
1050
|
-
#
|
911
|
+
# Optional. The Google Cloud Console will try to default to a configuration that
|
912
|
+
# matches the value specified in this `Policy`. If `suggested_value` is not set,
|
913
|
+
# it will inherit the value specified higher in the hierarchy, unless `
|
914
|
+
# inherit_from_parent` is `false`.
|
1051
915
|
# Corresponds to the JSON property `suggestedValue`
|
1052
916
|
# @return [String]
|
1053
917
|
attr_accessor :suggested_value
|
@@ -1066,29 +930,23 @@ module Google
|
|
1066
930
|
end
|
1067
931
|
end
|
1068
932
|
|
1069
|
-
# A page of the response received from the
|
1070
|
-
#
|
1071
|
-
#
|
1072
|
-
# A paginated response where more pages are available has
|
1073
|
-
# `next_page_token` set. This token can be used in a subsequent request to
|
1074
|
-
# retrieve the next request page.
|
933
|
+
# A page of the response received from the ListProjects method. A paginated
|
934
|
+
# response where more pages are available has `next_page_token` set. This token
|
935
|
+
# can be used in a subsequent request to retrieve the next request page.
|
1075
936
|
class ListProjectsResponse
|
1076
937
|
include Google::Apis::Core::Hashable
|
1077
938
|
|
1078
|
-
# Pagination token.
|
1079
|
-
#
|
1080
|
-
# is returned. It encodes the position of the current result cursor.
|
939
|
+
# Pagination token. If the result set is too large to fit in a single response,
|
940
|
+
# this token is returned. It encodes the position of the current result cursor.
|
1081
941
|
# Feeding this value into a new list request with the `page_token` parameter
|
1082
|
-
# gives the next page of the results.
|
1083
|
-
#
|
1084
|
-
# the list returned is the last page in the result set.
|
942
|
+
# gives the next page of the results. When `next_page_token` is not filled in,
|
943
|
+
# there is no next page and the list returned is the last page in the result set.
|
1085
944
|
# Pagination tokens have a limited lifetime.
|
1086
945
|
# Corresponds to the JSON property `nextPageToken`
|
1087
946
|
# @return [String]
|
1088
947
|
attr_accessor :next_page_token
|
1089
948
|
|
1090
|
-
# The list of Projects that matched the list filter. This list can
|
1091
|
-
# be paginated.
|
949
|
+
# The list of Projects that matched the list filter. This list can be paginated.
|
1092
950
|
# Corresponds to the JSON property `projects`
|
1093
951
|
# @return [Array<Google::Apis::CloudresourcemanagerV1::Project>]
|
1094
952
|
attr_accessor :projects
|
@@ -1109,47 +967,45 @@ module Google
|
|
1109
967
|
class Operation
|
1110
968
|
include Google::Apis::Core::Hashable
|
1111
969
|
|
1112
|
-
# If the value is `false`, it means the operation is still in progress.
|
1113
|
-
#
|
1114
|
-
# available.
|
970
|
+
# If the value is `false`, it means the operation is still in progress. If `true`
|
971
|
+
# , the operation is completed, and either `error` or `response` is available.
|
1115
972
|
# Corresponds to the JSON property `done`
|
1116
973
|
# @return [Boolean]
|
1117
974
|
attr_accessor :done
|
1118
975
|
alias_method :done?, :done
|
1119
976
|
|
1120
|
-
# The `Status` type defines a logical error model that is suitable for
|
1121
|
-
#
|
1122
|
-
#
|
1123
|
-
#
|
1124
|
-
#
|
1125
|
-
#
|
977
|
+
# The `Status` type defines a logical error model that is suitable for different
|
978
|
+
# programming environments, including REST APIs and RPC APIs. It is used by [
|
979
|
+
# gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
|
980
|
+
# data: error code, error message, and error details. You can find out more
|
981
|
+
# about this error model and how to work with it in the [API Design Guide](https:
|
982
|
+
# //cloud.google.com/apis/design/errors).
|
1126
983
|
# Corresponds to the JSON property `error`
|
1127
984
|
# @return [Google::Apis::CloudresourcemanagerV1::Status]
|
1128
985
|
attr_accessor :error
|
1129
986
|
|
1130
|
-
# Service-specific metadata associated with the operation.
|
1131
|
-
#
|
1132
|
-
#
|
1133
|
-
#
|
987
|
+
# Service-specific metadata associated with the operation. It typically contains
|
988
|
+
# progress information and common metadata such as create time. Some services
|
989
|
+
# might not provide such metadata. Any method that returns a long-running
|
990
|
+
# operation should document the metadata type, if any.
|
1134
991
|
# Corresponds to the JSON property `metadata`
|
1135
992
|
# @return [Hash<String,Object>]
|
1136
993
|
attr_accessor :metadata
|
1137
994
|
|
1138
995
|
# The server-assigned name, which is only unique within the same service that
|
1139
|
-
# originally returns it. If you use the default HTTP mapping, the
|
1140
|
-
#
|
996
|
+
# originally returns it. If you use the default HTTP mapping, the `name` should
|
997
|
+
# be a resource name ending with `operations/`unique_id``.
|
1141
998
|
# Corresponds to the JSON property `name`
|
1142
999
|
# @return [String]
|
1143
1000
|
attr_accessor :name
|
1144
1001
|
|
1145
|
-
# The normal response of the operation in case of success.
|
1146
|
-
# method returns no data on success, such as `Delete`, the response is
|
1147
|
-
#
|
1148
|
-
#
|
1149
|
-
#
|
1150
|
-
#
|
1151
|
-
#
|
1152
|
-
# `TakeSnapshotResponse`.
|
1002
|
+
# The normal response of the operation in case of success. If the original
|
1003
|
+
# method returns no data on success, such as `Delete`, the response is `google.
|
1004
|
+
# protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`,
|
1005
|
+
# the response should be the resource. For other methods, the response should
|
1006
|
+
# have the type `XxxResponse`, where `Xxx` is the original method name. For
|
1007
|
+
# example, if the original method name is `TakeSnapshot()`, the inferred
|
1008
|
+
# response type is `TakeSnapshotResponse`.
|
1153
1009
|
# Corresponds to the JSON property `response`
|
1154
1010
|
# @return [Hash<String,Object>]
|
1155
1011
|
attr_accessor :response
|
@@ -1179,76 +1035,65 @@ module Google
|
|
1179
1035
|
# @return [Google::Apis::CloudresourcemanagerV1::BooleanPolicy]
|
1180
1036
|
attr_accessor :boolean_policy
|
1181
1037
|
|
1182
|
-
# The name of the `Constraint` the `Policy` is configuring, for example,
|
1183
|
-
#
|
1184
|
-
#
|
1185
|
-
# constraints](/resource-manager/docs/organization-policy/org-policy-constraints)
|
1186
|
-
# is available.
|
1038
|
+
# The name of the `Constraint` the `Policy` is configuring, for example, `
|
1039
|
+
# constraints/serviceuser.services`. A [list of available constraints](/resource-
|
1040
|
+
# manager/docs/organization-policy/org-policy-constraints) is available.
|
1187
1041
|
# Immutable after creation.
|
1188
1042
|
# Corresponds to the JSON property `constraint`
|
1189
1043
|
# @return [String]
|
1190
1044
|
attr_accessor :constraint
|
1191
1045
|
|
1192
1046
|
# An opaque tag indicating the current version of the `Policy`, used for
|
1193
|
-
# concurrency control.
|
1194
|
-
#
|
1195
|
-
# `
|
1196
|
-
# `
|
1197
|
-
#
|
1198
|
-
# `
|
1199
|
-
#
|
1200
|
-
#
|
1201
|
-
# read-modify-write loop for concurrency control. Not setting the `etag`in a
|
1202
|
-
# `SetOrgPolicy` request will result in an unconditional write of the
|
1203
|
-
# `Policy`.
|
1047
|
+
# concurrency control. When the `Policy` is returned from either a `GetPolicy`
|
1048
|
+
# or a `ListOrgPolicy` request, this `etag` indicates the version of the current
|
1049
|
+
# `Policy` to use when executing a read-modify-write loop. When the `Policy` is
|
1050
|
+
# returned from a `GetEffectivePolicy` request, the `etag` will be unset. When
|
1051
|
+
# the `Policy` is used in a `SetOrgPolicy` method, use the `etag` value that was
|
1052
|
+
# returned from a `GetOrgPolicy` request as part of a read-modify-write loop for
|
1053
|
+
# concurrency control. Not setting the `etag`in a `SetOrgPolicy` request will
|
1054
|
+
# result in an unconditional write of the `Policy`.
|
1204
1055
|
# Corresponds to the JSON property `etag`
|
1205
1056
|
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
1206
1057
|
# @return [String]
|
1207
1058
|
attr_accessor :etag
|
1208
1059
|
|
1209
|
-
# Used in `policy_type` to specify how `list_policy` behaves at this
|
1210
|
-
#
|
1211
|
-
#
|
1212
|
-
#
|
1213
|
-
#
|
1214
|
-
#
|
1215
|
-
#
|
1216
|
-
#
|
1217
|
-
#
|
1218
|
-
#
|
1219
|
-
#
|
1220
|
-
#
|
1221
|
-
#
|
1222
|
-
#
|
1223
|
-
#
|
1224
|
-
#
|
1225
|
-
# `denied_values` in the same `Policy` if `all_values` is
|
1226
|
-
# `ALL_VALUES_UNSPECIFIED`. `ALLOW` or `DENY` are used to allow or deny all
|
1227
|
-
# values. If `all_values` is set to either `ALLOW` or `DENY`,
|
1228
|
-
# `allowed_values` and `denied_values` must be unset.
|
1060
|
+
# Used in `policy_type` to specify how `list_policy` behaves at this resource. `
|
1061
|
+
# ListPolicy` can define specific values and subtrees of Cloud Resource Manager
|
1062
|
+
# resource hierarchy (`Organizations`, `Folders`, `Projects`) that are allowed
|
1063
|
+
# or denied by setting the `allowed_values` and `denied_values` fields. This is
|
1064
|
+
# achieved by using the `under:` and optional `is:` prefixes. The `under:`
|
1065
|
+
# prefix is used to denote resource subtree values. The `is:` prefix is used to
|
1066
|
+
# denote specific values, and is required only if the value contains a ":".
|
1067
|
+
# Values prefixed with "is:" are treated the same as values with no prefix.
|
1068
|
+
# Ancestry subtrees must be in one of the following formats: - "projects/", e.g.
|
1069
|
+
# "projects/tokyo-rain-123" - "folders/", e.g. "folders/1234" - "organizations/",
|
1070
|
+
# e.g. "organizations/1234" The `supports_under` field of the associated `
|
1071
|
+
# Constraint` defines whether ancestry prefixes can be used. You can set `
|
1072
|
+
# allowed_values` and `denied_values` in the same `Policy` if `all_values` is `
|
1073
|
+
# ALL_VALUES_UNSPECIFIED`. `ALLOW` or `DENY` are used to allow or deny all
|
1074
|
+
# values. If `all_values` is set to either `ALLOW` or `DENY`, `allowed_values`
|
1075
|
+
# and `denied_values` must be unset.
|
1229
1076
|
# Corresponds to the JSON property `listPolicy`
|
1230
1077
|
# @return [Google::Apis::CloudresourcemanagerV1::ListPolicy]
|
1231
1078
|
attr_accessor :list_policy
|
1232
1079
|
|
1233
|
-
# Ignores policies set above this resource and restores the
|
1234
|
-
#
|
1235
|
-
#
|
1236
|
-
# Suppose that
|
1237
|
-
#
|
1238
|
-
#
|
1239
|
-
# the
|
1240
|
-
#
|
1241
|
-
#
|
1242
|
-
# enforcement of the `Constraint` for only those projects, allowing those
|
1243
|
-
# projects to have all services activated.
|
1080
|
+
# Ignores policies set above this resource and restores the `constraint_default`
|
1081
|
+
# enforcement behavior of the specific `Constraint` at this resource. Suppose
|
1082
|
+
# that `constraint_default` is set to `ALLOW` for the `Constraint` `constraints/
|
1083
|
+
# serviceuser.services`. Suppose that organization foo.com sets a `Policy` at
|
1084
|
+
# their Organization resource node that restricts the allowed service
|
1085
|
+
# activations to deny all service activations. They could then set a `Policy`
|
1086
|
+
# with the `policy_type` `restore_default` on several experimental projects,
|
1087
|
+
# restoring the `constraint_default` enforcement of the `Constraint` for only
|
1088
|
+
# those projects, allowing those projects to have all services activated.
|
1244
1089
|
# Corresponds to the JSON property `restoreDefault`
|
1245
1090
|
# @return [Google::Apis::CloudresourcemanagerV1::RestoreDefault]
|
1246
1091
|
attr_accessor :restore_default
|
1247
1092
|
|
1248
|
-
# The time stamp the `Policy` was previously updated. This is set by the
|
1249
|
-
#
|
1250
|
-
#
|
1251
|
-
#
|
1093
|
+
# The time stamp the `Policy` was previously updated. This is set by the server,
|
1094
|
+
# not specified by the caller, and represents the last time a call to `
|
1095
|
+
# SetOrgPolicy` was made for that `Policy`. Any value set by the client will be
|
1096
|
+
# ignored.
|
1252
1097
|
# Corresponds to the JSON property `updateTime`
|
1253
1098
|
# @return [String]
|
1254
1099
|
attr_accessor :update_time
|
@@ -1274,8 +1119,8 @@ module Google
|
|
1274
1119
|
end
|
1275
1120
|
end
|
1276
1121
|
|
1277
|
-
# The root node in the resource hierarchy to which a particular entity's
|
1278
|
-
#
|
1122
|
+
# The root node in the resource hierarchy to which a particular entity's (e.g.,
|
1123
|
+
# company) resources belong.
|
1279
1124
|
class Organization
|
1280
1125
|
include Google::Apis::Core::Hashable
|
1281
1126
|
|
@@ -1284,10 +1129,10 @@ module Google
|
|
1284
1129
|
# @return [String]
|
1285
1130
|
attr_accessor :creation_time
|
1286
1131
|
|
1287
|
-
# A human-readable string that refers to the Organization in the
|
1288
|
-
#
|
1289
|
-
#
|
1290
|
-
#
|
1132
|
+
# A human-readable string that refers to the Organization in the GCP Console UI.
|
1133
|
+
# This string is set by the server and cannot be changed. The string will be set
|
1134
|
+
# to the primary domain (for example, "google.com") of the G Suite customer that
|
1135
|
+
# owns the organization.
|
1291
1136
|
# Corresponds to the JSON property `displayName`
|
1292
1137
|
# @return [String]
|
1293
1138
|
attr_accessor :display_name
|
@@ -1297,16 +1142,16 @@ module Google
|
|
1297
1142
|
# @return [String]
|
1298
1143
|
attr_accessor :lifecycle_state
|
1299
1144
|
|
1300
|
-
# Output only. The resource name of the organization. This is the
|
1301
|
-
#
|
1302
|
-
#
|
1145
|
+
# Output only. The resource name of the organization. This is the organization's
|
1146
|
+
# relative path in the API. Its format is "organizations/[organization_id]". For
|
1147
|
+
# example, "organizations/1234".
|
1303
1148
|
# Corresponds to the JSON property `name`
|
1304
1149
|
# @return [String]
|
1305
1150
|
attr_accessor :name
|
1306
1151
|
|
1307
|
-
# The entity that owns an Organization. The lifetime of the Organization and
|
1308
|
-
#
|
1309
|
-
#
|
1152
|
+
# The entity that owns an Organization. The lifetime of the Organization and all
|
1153
|
+
# of its descendants are bound to the `OrganizationOwner`. If the `
|
1154
|
+
# OrganizationOwner` is deleted, the Organization and all its descendants will
|
1310
1155
|
# be deleted.
|
1311
1156
|
# Corresponds to the JSON property `owner`
|
1312
1157
|
# @return [Google::Apis::CloudresourcemanagerV1::OrganizationOwner]
|
@@ -1326,9 +1171,9 @@ module Google
|
|
1326
1171
|
end
|
1327
1172
|
end
|
1328
1173
|
|
1329
|
-
# The entity that owns an Organization. The lifetime of the Organization and
|
1330
|
-
#
|
1331
|
-
#
|
1174
|
+
# The entity that owns an Organization. The lifetime of the Organization and all
|
1175
|
+
# of its descendants are bound to the `OrganizationOwner`. If the `
|
1176
|
+
# OrganizationOwner` is deleted, the Organization and all its descendants will
|
1332
1177
|
# be deleted.
|
1333
1178
|
class OrganizationOwner
|
1334
1179
|
include Google::Apis::Core::Hashable
|
@@ -1349,66 +1194,32 @@ module Google
|
|
1349
1194
|
end
|
1350
1195
|
|
1351
1196
|
# An Identity and Access Management (IAM) policy, which specifies access
|
1352
|
-
# controls for Google Cloud resources.
|
1353
|
-
# A `
|
1354
|
-
#
|
1355
|
-
#
|
1356
|
-
#
|
1357
|
-
#
|
1358
|
-
#
|
1359
|
-
#
|
1360
|
-
#
|
1361
|
-
#
|
1362
|
-
#
|
1363
|
-
# [
|
1364
|
-
#
|
1365
|
-
#
|
1366
|
-
# `
|
1367
|
-
# "
|
1368
|
-
# `
|
1369
|
-
# "
|
1370
|
-
#
|
1371
|
-
#
|
1372
|
-
#
|
1373
|
-
#
|
1374
|
-
#
|
1375
|
-
#
|
1376
|
-
#
|
1377
|
-
#
|
1378
|
-
# "role": "roles/resourcemanager.organizationViewer",
|
1379
|
-
# "members": [
|
1380
|
-
# "user:eve@example.com"
|
1381
|
-
# ],
|
1382
|
-
# "condition": `
|
1383
|
-
# "title": "expirable access",
|
1384
|
-
# "description": "Does not grant access after Sep 2020",
|
1385
|
-
# "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')
|
1386
|
-
# ",
|
1387
|
-
# `
|
1388
|
-
# `
|
1389
|
-
# ],
|
1390
|
-
# "etag": "BwWWja0YfJA=",
|
1391
|
-
# "version": 3
|
1392
|
-
# `
|
1393
|
-
# **YAML example:**
|
1394
|
-
# bindings:
|
1395
|
-
# - members:
|
1396
|
-
# - user:mike@example.com
|
1397
|
-
# - group:admins@example.com
|
1398
|
-
# - domain:google.com
|
1399
|
-
# - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1400
|
-
# role: roles/resourcemanager.organizationAdmin
|
1401
|
-
# - members:
|
1402
|
-
# - user:eve@example.com
|
1403
|
-
# role: roles/resourcemanager.organizationViewer
|
1404
|
-
# condition:
|
1405
|
-
# title: expirable access
|
1406
|
-
# description: Does not grant access after Sep 2020
|
1407
|
-
# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
|
1408
|
-
# - etag: BwWWja0YfJA=
|
1409
|
-
# - version: 3
|
1410
|
-
# For a description of IAM and its features, see the
|
1411
|
-
# [IAM documentation](https://cloud.google.com/iam/docs/).
|
1197
|
+
# controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
|
1198
|
+
# A `binding` binds one or more `members` to a single `role`. Members can be
|
1199
|
+
# user accounts, service accounts, Google groups, and domains (such as G Suite).
|
1200
|
+
# A `role` is a named list of permissions; each `role` can be an IAM predefined
|
1201
|
+
# role or a user-created custom role. For some types of Google Cloud resources,
|
1202
|
+
# a `binding` can also specify a `condition`, which is a logical expression that
|
1203
|
+
# allows access to a resource only if the expression evaluates to `true`. A
|
1204
|
+
# condition can add constraints based on attributes of the request, the resource,
|
1205
|
+
# or both. To learn which resources support conditions in their IAM policies,
|
1206
|
+
# see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
|
1207
|
+
# resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
|
1208
|
+
# resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
|
1209
|
+
# group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
|
1210
|
+
# appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
|
1211
|
+
# organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
|
1212
|
+
# title": "expirable access", "description": "Does not grant access after Sep
|
1213
|
+
# 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
|
1214
|
+
# ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
|
1215
|
+
# members: - user:mike@example.com - group:admins@example.com - domain:google.
|
1216
|
+
# com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
|
1217
|
+
# resourcemanager.organizationAdmin - members: - user:eve@example.com role:
|
1218
|
+
# roles/resourcemanager.organizationViewer condition: title: expirable access
|
1219
|
+
# description: Does not grant access after Sep 2020 expression: request.time <
|
1220
|
+
# timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
|
1221
|
+
# description of IAM and its features, see the [IAM documentation](https://cloud.
|
1222
|
+
# google.com/iam/docs/).
|
1412
1223
|
class Policy
|
1413
1224
|
include Google::Apis::Core::Hashable
|
1414
1225
|
|
@@ -1417,48 +1228,44 @@ module Google
|
|
1417
1228
|
# @return [Array<Google::Apis::CloudresourcemanagerV1::AuditConfig>]
|
1418
1229
|
attr_accessor :audit_configs
|
1419
1230
|
|
1420
|
-
# Associates a list of `members` to a `role`. Optionally, may specify a
|
1421
|
-
#
|
1422
|
-
#
|
1231
|
+
# Associates a list of `members` to a `role`. Optionally, may specify a `
|
1232
|
+
# condition` that determines how and when the `bindings` are applied. Each of
|
1233
|
+
# the `bindings` must contain at least one member.
|
1423
1234
|
# Corresponds to the JSON property `bindings`
|
1424
1235
|
# @return [Array<Google::Apis::CloudresourcemanagerV1::Binding>]
|
1425
1236
|
attr_accessor :bindings
|
1426
1237
|
|
1427
|
-
# `etag` is used for optimistic concurrency control as a way to help
|
1428
|
-
#
|
1429
|
-
#
|
1430
|
-
#
|
1431
|
-
#
|
1432
|
-
#
|
1433
|
-
#
|
1434
|
-
#
|
1435
|
-
#
|
1436
|
-
#
|
1437
|
-
#
|
1238
|
+
# `etag` is used for optimistic concurrency control as a way to help prevent
|
1239
|
+
# simultaneous updates of a policy from overwriting each other. It is strongly
|
1240
|
+
# suggested that systems make use of the `etag` in the read-modify-write cycle
|
1241
|
+
# to perform policy updates in order to avoid race conditions: An `etag` is
|
1242
|
+
# returned in the response to `getIamPolicy`, and systems are expected to put
|
1243
|
+
# that etag in the request to `setIamPolicy` to ensure that their change will be
|
1244
|
+
# applied to the same version of the policy. **Important:** If you use IAM
|
1245
|
+
# Conditions, you must include the `etag` field whenever you call `setIamPolicy`.
|
1246
|
+
# If you omit this field, then IAM allows you to overwrite a version `3` policy
|
1247
|
+
# with a version `1` policy, and all of the conditions in the version `3` policy
|
1248
|
+
# are lost.
|
1438
1249
|
# Corresponds to the JSON property `etag`
|
1439
1250
|
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
1440
1251
|
# @return [String]
|
1441
1252
|
attr_accessor :etag
|
1442
1253
|
|
1443
|
-
# Specifies the format of the policy.
|
1444
|
-
#
|
1445
|
-
#
|
1446
|
-
#
|
1447
|
-
#
|
1448
|
-
#
|
1449
|
-
#
|
1450
|
-
#
|
1451
|
-
#
|
1452
|
-
#
|
1453
|
-
#
|
1454
|
-
#
|
1455
|
-
#
|
1456
|
-
#
|
1457
|
-
#
|
1458
|
-
# specify any valid version or leave the field unset.
|
1459
|
-
# To learn which resources support conditions in their IAM policies, see the
|
1460
|
-
# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-
|
1461
|
-
# policies).
|
1254
|
+
# Specifies the format of the policy. Valid values are `0`, `1`, and `3`.
|
1255
|
+
# Requests that specify an invalid value are rejected. Any operation that
|
1256
|
+
# affects conditional role bindings must specify version `3`. This requirement
|
1257
|
+
# applies to the following operations: * Getting a policy that includes a
|
1258
|
+
# conditional role binding * Adding a conditional role binding to a policy *
|
1259
|
+
# Changing a conditional role binding in a policy * Removing any role binding,
|
1260
|
+
# with or without a condition, from a policy that includes conditions **
|
1261
|
+
# Important:** If you use IAM Conditions, you must include the `etag` field
|
1262
|
+
# whenever you call `setIamPolicy`. If you omit this field, then IAM allows you
|
1263
|
+
# to overwrite a version `3` policy with a version `1` policy, and all of the
|
1264
|
+
# conditions in the version `3` policy are lost. If a policy does not include
|
1265
|
+
# any conditions, operations on that policy may specify any valid version or
|
1266
|
+
# leave the field unset. To learn which resources support conditions in their
|
1267
|
+
# IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/
|
1268
|
+
# conditions/resource-policies).
|
1462
1269
|
# Corresponds to the JSON property `version`
|
1463
1270
|
# @return [Fixnum]
|
1464
1271
|
attr_accessor :version
|
@@ -1476,69 +1283,56 @@ module Google
|
|
1476
1283
|
end
|
1477
1284
|
end
|
1478
1285
|
|
1479
|
-
# A Project is a high-level Google Cloud Platform entity.
|
1480
|
-
#
|
1481
|
-
# Google Cloud Platform resources.
|
1286
|
+
# A Project is a high-level Google Cloud Platform entity. It is a container for
|
1287
|
+
# ACLs, APIs, App Engine Apps, VMs, and other Google Cloud Platform resources.
|
1482
1288
|
class Project
|
1483
1289
|
include Google::Apis::Core::Hashable
|
1484
1290
|
|
1485
|
-
# Creation time.
|
1486
|
-
# Read-only.
|
1291
|
+
# Creation time. Read-only.
|
1487
1292
|
# Corresponds to the JSON property `createTime`
|
1488
1293
|
# @return [String]
|
1489
1294
|
attr_accessor :create_time
|
1490
1295
|
|
1491
|
-
# The labels associated with this Project.
|
1492
|
-
#
|
1493
|
-
#
|
1494
|
-
#
|
1495
|
-
#
|
1496
|
-
#
|
1497
|
-
#
|
1498
|
-
# depend on specific characters being disallowed.
|
1499
|
-
# Example: <code>"environment" : "dev"</code>
|
1500
|
-
# Read-write.
|
1296
|
+
# The labels associated with this Project. Label keys must be between 1 and 63
|
1297
|
+
# characters long and must conform to the following regular expression: a-z`0,62`
|
1298
|
+
# . Label values must be between 0 and 63 characters long and must conform to
|
1299
|
+
# the regular expression [a-z0-9_-]`0,63`. A label value can be empty. No more
|
1300
|
+
# than 256 labels can be associated with a given resource. Clients should store
|
1301
|
+
# labels in a representation such as JSON that does not depend on specific
|
1302
|
+
# characters being disallowed. Example: "environment" : "dev" Read-write.
|
1501
1303
|
# Corresponds to the JSON property `labels`
|
1502
1304
|
# @return [Hash<String,String>]
|
1503
1305
|
attr_accessor :labels
|
1504
1306
|
|
1505
|
-
# The Project lifecycle state.
|
1506
|
-
# Read-only.
|
1307
|
+
# The Project lifecycle state. Read-only.
|
1507
1308
|
# Corresponds to the JSON property `lifecycleState`
|
1508
1309
|
# @return [String]
|
1509
1310
|
attr_accessor :lifecycle_state
|
1510
1311
|
|
1511
|
-
# The optional user-assigned display name of the Project.
|
1512
|
-
#
|
1513
|
-
#
|
1514
|
-
#
|
1515
|
-
# Example: <code>My Project</code>
|
1516
|
-
# Read-write.
|
1312
|
+
# The optional user-assigned display name of the Project. When present it must
|
1313
|
+
# be between 4 to 30 characters. Allowed characters are: lowercase and uppercase
|
1314
|
+
# letters, numbers, hyphen, single-quote, double-quote, space, and exclamation
|
1315
|
+
# point. Example: My Project Read-write.
|
1517
1316
|
# Corresponds to the JSON property `name`
|
1518
1317
|
# @return [String]
|
1519
1318
|
attr_accessor :name
|
1520
1319
|
|
1521
1320
|
# A container to reference an id for any resource type. A `resource` in Google
|
1522
1321
|
# Cloud Platform is a generic term for something you (a developer) may want to
|
1523
|
-
# interact with through one of our API's. Some examples are an App Engine app,
|
1524
|
-
#
|
1322
|
+
# interact with through one of our API's. Some examples are an App Engine app, a
|
1323
|
+
# Compute Engine instance, a Cloud SQL database, and so on.
|
1525
1324
|
# Corresponds to the JSON property `parent`
|
1526
1325
|
# @return [Google::Apis::CloudresourcemanagerV1::ResourceId]
|
1527
1326
|
attr_accessor :parent
|
1528
1327
|
|
1529
|
-
# The unique, user-assigned ID of the Project.
|
1530
|
-
#
|
1531
|
-
#
|
1532
|
-
# Trailing hyphens are prohibited.
|
1533
|
-
# Example: <code>tokyo-rain-123</code>
|
1534
|
-
# Read-only after creation.
|
1328
|
+
# The unique, user-assigned ID of the Project. It must be 6 to 30 lowercase
|
1329
|
+
# letters, digits, or hyphens. It must start with a letter. Trailing hyphens are
|
1330
|
+
# prohibited. Example: tokyo-rain-123 Read-only after creation.
|
1535
1331
|
# Corresponds to the JSON property `projectId`
|
1536
1332
|
# @return [String]
|
1537
1333
|
attr_accessor :project_id
|
1538
1334
|
|
1539
|
-
# The number uniquely identifying the project.
|
1540
|
-
# Example: <code>415104041262</code>
|
1541
|
-
# Read-only.
|
1335
|
+
# The number uniquely identifying the project. Example: 415104041262 Read-only.
|
1542
1336
|
# Corresponds to the JSON property `projectNumber`
|
1543
1337
|
# @return [Fixnum]
|
1544
1338
|
attr_accessor :project_number
|
@@ -1570,9 +1364,8 @@ module Google
|
|
1570
1364
|
# @return [String]
|
1571
1365
|
attr_accessor :create_time
|
1572
1366
|
|
1573
|
-
# True if the project can be retrieved using GetProject. No other operations
|
1574
|
-
#
|
1575
|
-
# complete.
|
1367
|
+
# True if the project can be retrieved using GetProject. No other operations on
|
1368
|
+
# the project are guaranteed to work until the project creation is complete.
|
1576
1369
|
# Corresponds to the JSON property `gettable`
|
1577
1370
|
# @return [Boolean]
|
1578
1371
|
attr_accessor :gettable
|
@@ -1598,19 +1391,19 @@ module Google
|
|
1598
1391
|
|
1599
1392
|
# A container to reference an id for any resource type. A `resource` in Google
|
1600
1393
|
# Cloud Platform is a generic term for something you (a developer) may want to
|
1601
|
-
# interact with through one of our API's. Some examples are an App Engine app,
|
1602
|
-
#
|
1394
|
+
# interact with through one of our API's. Some examples are an App Engine app, a
|
1395
|
+
# Compute Engine instance, a Cloud SQL database, and so on.
|
1603
1396
|
class ResourceId
|
1604
1397
|
include Google::Apis::Core::Hashable
|
1605
1398
|
|
1606
|
-
# Required field for the type-specific id. This should correspond to the id
|
1607
|
-
#
|
1399
|
+
# Required field for the type-specific id. This should correspond to the id used
|
1400
|
+
# in the type-specific API's.
|
1608
1401
|
# Corresponds to the JSON property `id`
|
1609
1402
|
# @return [String]
|
1610
1403
|
attr_accessor :id
|
1611
1404
|
|
1612
|
-
# Required field representing the resource type this id is for.
|
1613
|
-
#
|
1405
|
+
# Required field representing the resource type this id is for. At present, the
|
1406
|
+
# valid types are: "organization", "folder", and "project".
|
1614
1407
|
# Corresponds to the JSON property `type`
|
1615
1408
|
# @return [String]
|
1616
1409
|
attr_accessor :type
|
@@ -1626,17 +1419,15 @@ module Google
|
|
1626
1419
|
end
|
1627
1420
|
end
|
1628
1421
|
|
1629
|
-
# Ignores policies set above this resource and restores the
|
1630
|
-
#
|
1631
|
-
#
|
1632
|
-
# Suppose that
|
1633
|
-
#
|
1634
|
-
#
|
1635
|
-
# the
|
1636
|
-
#
|
1637
|
-
#
|
1638
|
-
# enforcement of the `Constraint` for only those projects, allowing those
|
1639
|
-
# projects to have all services activated.
|
1422
|
+
# Ignores policies set above this resource and restores the `constraint_default`
|
1423
|
+
# enforcement behavior of the specific `Constraint` at this resource. Suppose
|
1424
|
+
# that `constraint_default` is set to `ALLOW` for the `Constraint` `constraints/
|
1425
|
+
# serviceuser.services`. Suppose that organization foo.com sets a `Policy` at
|
1426
|
+
# their Organization resource node that restricts the allowed service
|
1427
|
+
# activations to deny all service activations. They could then set a `Policy`
|
1428
|
+
# with the `policy_type` `restore_default` on several experimental projects,
|
1429
|
+
# restoring the `constraint_default` enforcement of the `Constraint` for only
|
1430
|
+
# those projects, allowing those projects to have all services activated.
|
1640
1431
|
class RestoreDefault
|
1641
1432
|
include Google::Apis::Core::Hashable
|
1642
1433
|
|
@@ -1653,28 +1444,25 @@ module Google
|
|
1653
1444
|
class SearchOrganizationsRequest
|
1654
1445
|
include Google::Apis::Core::Hashable
|
1655
1446
|
|
1656
|
-
# An optional query string used to filter the Organizations to return in
|
1657
|
-
#
|
1658
|
-
#
|
1659
|
-
#
|
1660
|
-
#
|
1661
|
-
#
|
1662
|
-
#
|
1663
|
-
# to the domain `google.com`.
|
1664
|
-
# This field is optional.
|
1447
|
+
# An optional query string used to filter the Organizations to return in the
|
1448
|
+
# response. Filter rules are case-insensitive. Organizations may be filtered by `
|
1449
|
+
# owner.directoryCustomerId` or by `domain`, where the domain is a G Suite
|
1450
|
+
# domain, for example: * Filter `owner.directorycustomerid:123456789` returns
|
1451
|
+
# Organization resources with `owner.directory_customer_id` equal to `123456789`.
|
1452
|
+
# * Filter `domain:google.com` returns Organization resources corresponding to
|
1453
|
+
# the domain `google.com`. This field is optional.
|
1665
1454
|
# Corresponds to the JSON property `filter`
|
1666
1455
|
# @return [String]
|
1667
1456
|
attr_accessor :filter
|
1668
1457
|
|
1669
|
-
# The maximum number of Organizations to return in the response.
|
1670
|
-
#
|
1458
|
+
# The maximum number of Organizations to return in the response. This field is
|
1459
|
+
# optional.
|
1671
1460
|
# Corresponds to the JSON property `pageSize`
|
1672
1461
|
# @return [Fixnum]
|
1673
1462
|
attr_accessor :page_size
|
1674
1463
|
|
1675
|
-
# A pagination token returned from a previous call to `SearchOrganizations`
|
1676
|
-
#
|
1677
|
-
# This field is optional.
|
1464
|
+
# A pagination token returned from a previous call to `SearchOrganizations` that
|
1465
|
+
# indicates from where listing should continue. This field is optional.
|
1678
1466
|
# Corresponds to the JSON property `pageToken`
|
1679
1467
|
# @return [String]
|
1680
1468
|
attr_accessor :page_token
|
@@ -1696,16 +1484,15 @@ module Google
|
|
1696
1484
|
include Google::Apis::Core::Hashable
|
1697
1485
|
|
1698
1486
|
# A pagination token to be used to retrieve the next page of results. If the
|
1699
|
-
# result is too large to fit within the page size specified in the request,
|
1700
|
-
#
|
1701
|
-
#
|
1702
|
-
#
|
1487
|
+
# result is too large to fit within the page size specified in the request, this
|
1488
|
+
# field will be set with a token that can be used to fetch the next page of
|
1489
|
+
# results. If this field is empty, it indicates that this response contains the
|
1490
|
+
# last page of results.
|
1703
1491
|
# Corresponds to the JSON property `nextPageToken`
|
1704
1492
|
# @return [String]
|
1705
1493
|
attr_accessor :next_page_token
|
1706
1494
|
|
1707
|
-
# The list of Organizations that matched the search query, possibly
|
1708
|
-
# paginated.
|
1495
|
+
# The list of Organizations that matched the search query, possibly paginated.
|
1709
1496
|
# Corresponds to the JSON property `organizations`
|
1710
1497
|
# @return [Array<Google::Apis::CloudresourcemanagerV1::Organization>]
|
1711
1498
|
attr_accessor :organizations
|
@@ -1726,74 +1513,39 @@ module Google
|
|
1726
1513
|
include Google::Apis::Core::Hashable
|
1727
1514
|
|
1728
1515
|
# An Identity and Access Management (IAM) policy, which specifies access
|
1729
|
-
# controls for Google Cloud resources.
|
1730
|
-
# A `
|
1731
|
-
#
|
1732
|
-
#
|
1733
|
-
#
|
1734
|
-
#
|
1735
|
-
#
|
1736
|
-
#
|
1737
|
-
#
|
1738
|
-
#
|
1739
|
-
#
|
1740
|
-
# [
|
1741
|
-
#
|
1742
|
-
#
|
1743
|
-
# `
|
1744
|
-
# "
|
1745
|
-
# `
|
1746
|
-
# "
|
1747
|
-
#
|
1748
|
-
#
|
1749
|
-
#
|
1750
|
-
#
|
1751
|
-
#
|
1752
|
-
#
|
1753
|
-
#
|
1754
|
-
#
|
1755
|
-
# "role": "roles/resourcemanager.organizationViewer",
|
1756
|
-
# "members": [
|
1757
|
-
# "user:eve@example.com"
|
1758
|
-
# ],
|
1759
|
-
# "condition": `
|
1760
|
-
# "title": "expirable access",
|
1761
|
-
# "description": "Does not grant access after Sep 2020",
|
1762
|
-
# "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')
|
1763
|
-
# ",
|
1764
|
-
# `
|
1765
|
-
# `
|
1766
|
-
# ],
|
1767
|
-
# "etag": "BwWWja0YfJA=",
|
1768
|
-
# "version": 3
|
1769
|
-
# `
|
1770
|
-
# **YAML example:**
|
1771
|
-
# bindings:
|
1772
|
-
# - members:
|
1773
|
-
# - user:mike@example.com
|
1774
|
-
# - group:admins@example.com
|
1775
|
-
# - domain:google.com
|
1776
|
-
# - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1777
|
-
# role: roles/resourcemanager.organizationAdmin
|
1778
|
-
# - members:
|
1779
|
-
# - user:eve@example.com
|
1780
|
-
# role: roles/resourcemanager.organizationViewer
|
1781
|
-
# condition:
|
1782
|
-
# title: expirable access
|
1783
|
-
# description: Does not grant access after Sep 2020
|
1784
|
-
# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
|
1785
|
-
# - etag: BwWWja0YfJA=
|
1786
|
-
# - version: 3
|
1787
|
-
# For a description of IAM and its features, see the
|
1788
|
-
# [IAM documentation](https://cloud.google.com/iam/docs/).
|
1516
|
+
# controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
|
1517
|
+
# A `binding` binds one or more `members` to a single `role`. Members can be
|
1518
|
+
# user accounts, service accounts, Google groups, and domains (such as G Suite).
|
1519
|
+
# A `role` is a named list of permissions; each `role` can be an IAM predefined
|
1520
|
+
# role or a user-created custom role. For some types of Google Cloud resources,
|
1521
|
+
# a `binding` can also specify a `condition`, which is a logical expression that
|
1522
|
+
# allows access to a resource only if the expression evaluates to `true`. A
|
1523
|
+
# condition can add constraints based on attributes of the request, the resource,
|
1524
|
+
# or both. To learn which resources support conditions in their IAM policies,
|
1525
|
+
# see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
|
1526
|
+
# resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
|
1527
|
+
# resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
|
1528
|
+
# group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
|
1529
|
+
# appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
|
1530
|
+
# organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
|
1531
|
+
# title": "expirable access", "description": "Does not grant access after Sep
|
1532
|
+
# 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
|
1533
|
+
# ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
|
1534
|
+
# members: - user:mike@example.com - group:admins@example.com - domain:google.
|
1535
|
+
# com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
|
1536
|
+
# resourcemanager.organizationAdmin - members: - user:eve@example.com role:
|
1537
|
+
# roles/resourcemanager.organizationViewer condition: title: expirable access
|
1538
|
+
# description: Does not grant access after Sep 2020 expression: request.time <
|
1539
|
+
# timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
|
1540
|
+
# description of IAM and its features, see the [IAM documentation](https://cloud.
|
1541
|
+
# google.com/iam/docs/).
|
1789
1542
|
# Corresponds to the JSON property `policy`
|
1790
1543
|
# @return [Google::Apis::CloudresourcemanagerV1::Policy]
|
1791
1544
|
attr_accessor :policy
|
1792
1545
|
|
1793
1546
|
# OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
|
1794
|
-
# the fields in the mask will be modified. If no mask is provided, the
|
1795
|
-
#
|
1796
|
-
# `paths: "bindings, etag"`
|
1547
|
+
# the fields in the mask will be modified. If no mask is provided, the following
|
1548
|
+
# default mask is used: `paths: "bindings, etag"`
|
1797
1549
|
# Corresponds to the JSON property `updateMask`
|
1798
1550
|
# @return [String]
|
1799
1551
|
attr_accessor :update_mask
|
@@ -1829,12 +1581,12 @@ module Google
|
|
1829
1581
|
end
|
1830
1582
|
end
|
1831
1583
|
|
1832
|
-
# The `Status` type defines a logical error model that is suitable for
|
1833
|
-
#
|
1834
|
-
#
|
1835
|
-
#
|
1836
|
-
#
|
1837
|
-
#
|
1584
|
+
# The `Status` type defines a logical error model that is suitable for different
|
1585
|
+
# programming environments, including REST APIs and RPC APIs. It is used by [
|
1586
|
+
# gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
|
1587
|
+
# data: error code, error message, and error details. You can find out more
|
1588
|
+
# about this error model and how to work with it in the [API Design Guide](https:
|
1589
|
+
# //cloud.google.com/apis/design/errors).
|
1838
1590
|
class Status
|
1839
1591
|
include Google::Apis::Core::Hashable
|
1840
1592
|
|
@@ -1843,15 +1595,15 @@ module Google
|
|
1843
1595
|
# @return [Fixnum]
|
1844
1596
|
attr_accessor :code
|
1845
1597
|
|
1846
|
-
# A list of messages that carry the error details.
|
1598
|
+
# A list of messages that carry the error details. There is a common set of
|
1847
1599
|
# message types for APIs to use.
|
1848
1600
|
# Corresponds to the JSON property `details`
|
1849
1601
|
# @return [Array<Hash<String,Object>>]
|
1850
1602
|
attr_accessor :details
|
1851
1603
|
|
1852
|
-
# A developer-facing error message, which should be in English. Any
|
1853
|
-
#
|
1854
|
-
#
|
1604
|
+
# A developer-facing error message, which should be in English. Any user-facing
|
1605
|
+
# error message should be localized and sent in the google.rpc.Status.details
|
1606
|
+
# field, or localized by the client.
|
1855
1607
|
# Corresponds to the JSON property `message`
|
1856
1608
|
# @return [String]
|
1857
1609
|
attr_accessor :message
|
@@ -1872,10 +1624,9 @@ module Google
|
|
1872
1624
|
class TestIamPermissionsRequest
|
1873
1625
|
include Google::Apis::Core::Hashable
|
1874
1626
|
|
1875
|
-
# The set of permissions to check for the `resource`. Permissions with
|
1876
|
-
#
|
1877
|
-
#
|
1878
|
-
# [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
|
1627
|
+
# The set of permissions to check for the `resource`. Permissions with wildcards
|
1628
|
+
# (such as '*' or 'storage.*') are not allowed. For more information see [IAM
|
1629
|
+
# Overview](https://cloud.google.com/iam/docs/overview#permissions).
|
1879
1630
|
# Corresponds to the JSON property `permissions`
|
1880
1631
|
# @return [Array<String>]
|
1881
1632
|
attr_accessor :permissions
|
@@ -1894,8 +1645,7 @@ module Google
|
|
1894
1645
|
class TestIamPermissionsResponse
|
1895
1646
|
include Google::Apis::Core::Hashable
|
1896
1647
|
|
1897
|
-
# A subset of `TestPermissionsRequest.permissions` that the caller is
|
1898
|
-
# allowed.
|
1648
|
+
# A subset of `TestPermissionsRequest.permissions` that the caller is allowed.
|
1899
1649
|
# Corresponds to the JSON property `permissions`
|
1900
1650
|
# @return [Array<String>]
|
1901
1651
|
attr_accessor :permissions
|
@@ -1910,8 +1660,7 @@ module Google
|
|
1910
1660
|
end
|
1911
1661
|
end
|
1912
1662
|
|
1913
|
-
# The request sent to the UndeleteProject
|
1914
|
-
# method.
|
1663
|
+
# The request sent to the UndeleteProject method.
|
1915
1664
|
class UndeleteProjectRequest
|
1916
1665
|
include Google::Apis::Core::Hashable
|
1917
1666
|
|