google-api-client 0.43.0 → 0.48.0

data/generated/google/apis/compute_alpha/classes.rb

@@ -1086,6 +1086,13 @@ module Google
         attr_accessor :enable_nested_virtualization
         alias_method :enable_nested_virtualization?, :enable_nested_virtualization
       
+        # The number of threads per physical core. To disable simultaneous
+        # multithreading (SMT) set this to 1. If unset, the maximum number of threads
+        # supported per core by the underlying processor is assumed.
+        # Corresponds to the JSON property `threadsPerCore`
+        # @return [Fixnum]
+        attr_accessor :threads_per_core
+      
         def initialize(**args)
            update!(**args)
         end
@@ -1093,6 +1100,7 @@ module Google
         # Update properties of this object
         def update!(**args)
           @enable_nested_virtualization = args[:enable_nested_virtualization] if args.key?(:enable_nested_virtualization)
+          @threads_per_core = args[:threads_per_core] if args.key?(:threads_per_core)
         end
       end
       
@@ -1174,18 +1182,6 @@ module Google
         # @return [String]
         attr_accessor :location_hint
       
-        # DEPRECATED, please use maintenance_freeze_duration_hours. TODO(b/154158138):
-        # Remove this field. Compute Engine Long Term Release. When specified, VMs that
-        # have this policy become long term release (internal: stable fleet) VMs.
-        # For all VM shapes, this should result in fewer disruptions due to software
-        # updates and greater predictability via 1 week extended notifications.
-        # For GPU VMs, this should also result in an 2 week uptime guarantee. See go/
-        # stable-fleet-gpus-design for more details.
-        # Corresponds to the JSON property `longTermRelease`
-        # @return [Boolean]
-        attr_accessor :long_term_release
-        alias_method :long_term_release?, :long_term_release
-      
         # Specifies type of machine (name only) which has fixed number of vCPUs and
         # fixed amount of memory. This also includes specifying custom machine type
         # following custom-NUMBER_OF_CPUS-AMOUNT_OF_MEMORY pattern.
@@ -1199,13 +1195,6 @@ module Google
         # @return [Fixnum]
         attr_accessor :maintenance_freeze_duration_hours
       
-        # Specifies whether this VM may be a stable fleet VM. Setting this to "Periodic"
-        # designates this VM as a Stable Fleet VM.
-        # See go/stable-fleet-ug for more details.
-        # Corresponds to the JSON property `maintenanceInterval`
-        # @return [String]
-        attr_accessor :maintenance_interval
-      
         # Minimum cpu platform the reservation.
         # Corresponds to the JSON property `minCpuPlatform`
         # @return [String]
@@ -1220,10 +1209,8 @@ module Google
           @guest_accelerators = args[:guest_accelerators] if args.key?(:guest_accelerators)
           @local_ssds = args[:local_ssds] if args.key?(:local_ssds)
           @location_hint = args[:location_hint] if args.key?(:location_hint)
-          @long_term_release = args[:long_term_release] if args.key?(:long_term_release)
           @machine_type = args[:machine_type] if args.key?(:machine_type)
           @maintenance_freeze_duration_hours = args[:maintenance_freeze_duration_hours] if args.key?(:maintenance_freeze_duration_hours)
-          @maintenance_interval = args[:maintenance_interval] if args.key?(:maintenance_interval)
           @min_cpu_platform = args[:min_cpu_platform] if args.key?(:min_cpu_platform)
         end
       end
@@ -1288,7 +1275,20 @@ module Google
         # @return [String]
         attr_accessor :device_name
       
-        # Represents a customer-supplied encryption key
+        # Encrypts or decrypts a disk using a customer-supplied encryption key.
+        # If you are creating a new disk, this field encrypts the new disk using an
+        # encryption key that you provide. If you are attaching an existing disk that is
+        # already encrypted, this field decrypts the disk using the customer-supplied
+        # encryption key.
+        # If you encrypt a disk using a customer-supplied key, you must provide the same
+        # key again when you attempt to use this resource at a later time. For example,
+        # you must provide the key when you create a snapshot or an image from the disk
+        # or when you attach the disk to a virtual machine instance.
+        # If you do not provide an encryption key, then the disk will be encrypted using
+        # an automatically generated key and you do not need to provide a key to use the
+        # disk later.
+        # Instance templates do not store customer-supplied encryption keys, so you
+        # cannot use your own keys to encrypt disks in a managed instance group.
         # Corresponds to the JSON property `diskEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :disk_encryption_key
@@ -1379,6 +1379,13 @@ module Google
         # @return [String]
         attr_accessor :type
       
+        # [Output Only] A list of user provided licenses. It represents a list of URLs
+        # to the license resource. Unlike regular licenses, user provided licenses can
+        # be modified after the disk is created.
+        # Corresponds to the JSON property `userLicenses`
+        # @return [Array<String>]
+        attr_accessor :user_licenses
+      
         def initialize(**args)
            update!(**args)
         end
@@ -1401,6 +1408,7 @@ module Google
           @shielded_instance_initial_state = args[:shielded_instance_initial_state] if args.key?(:shielded_instance_initial_state)
           @source = args[:source] if args.key?(:source)
           @type = args[:type] if args.key?(:type)
+          @user_licenses = args[:user_licenses] if args.key?(:user_licenses)
         end
       end
       
@@ -1516,7 +1524,11 @@ module Google
         # @return [String]
         attr_accessor :source_image
       
-        # Represents a customer-supplied encryption key
+        # The customer-supplied encryption key of the source image. Required if the
+        # source image is protected by a customer-supplied encryption key.
+        # Instance templates do not store customer-supplied encryption keys, so you
+        # cannot create disks for instances in a managed instance group if the source
+        # images are encrypted with your own keys.
         # Corresponds to the JSON property `sourceImageEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :source_image_encryption_key
@@ -1532,7 +1544,7 @@ module Google
         # @return [String]
         attr_accessor :source_snapshot
       
-        # Represents a customer-supplied encryption key
+        # The customer-supplied encryption key of the source snapshot.
         # Corresponds to the JSON property `sourceSnapshotEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :source_snapshot_encryption_key
@@ -2365,13 +2377,13 @@ module Google
       class AutoscalingPolicyCpuUtilization
         include Google::Apis::Core::Hashable
       
-        # Indicates which method of prediction is used for CPU utilization metric, if
-        # any. Current set of possible values: * NONE: No predictions are made based on
-        # the scaling metric when calculating the number of VM instances. * STANDARD:
-        # Standard predictive autoscaling predicts the future values of the scaling
-        # metric and then scales a MIG to ensure that new VM instances are ready in time
-        # to cover the predicted peak. New values might be added in the future. Some of
-        # the values might not be available in all API versions.
+        # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid
+        # values are:
+        # * NONE (default). No predictive method is used. The autoscaler scales the
+        # group to meet current demand based on real-time metrics. *
+        # OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by
+        # monitoring daily and weekly load patterns and scaling out ahead of anticipated
+        # demand.
         # Corresponds to the JSON property `predictiveMethod`
         # @return [String]
         attr_accessor :predictive_method
@@ -2459,9 +2471,9 @@ module Google
         # The target value of the metric that autoscaler should maintain. This must be a
         # positive value. A utilization metric scales number of virtual machines
         # handling requests to increase or decrease proportionally to the metric.
-        # For example, a good metric to use as a utilization_target is compute.
-        # googleapis.com/instance/network/received_bytes_count. The autoscaler will work
-        # to keep this value constant for each of the instances.
+        # For example, a good metric to use as a utilization_target is https://www.
+        # googleapis.com/compute/v1/instance/network/received_bytes_count. The
+        # autoscaler will work to keep this value constant for each of the instances.
         # Corresponds to the JSON property `utilizationTarget`
         # @return [Float]
         attr_accessor :utilization_target
@@ -2837,6 +2849,11 @@ module Google
         # @return [String]
         attr_accessor :creation_timestamp
       
+        # Headers that the HTTP/S load balancer should add to proxied responses.
+        # Corresponds to the JSON property `customResponseHeaders`
+        # @return [Array<String>]
+        attr_accessor :custom_response_headers
+      
         # An optional textual description of the resource; provided by the client when
         # the resource is created.
         # Corresponds to the JSON property `description`
@@ -2888,6 +2905,7 @@ module Google
           @bucket_name = args[:bucket_name] if args.key?(:bucket_name)
           @cdn_policy = args[:cdn_policy] if args.key?(:cdn_policy)
           @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
+          @custom_response_headers = args[:custom_response_headers] if args.key?(:custom_response_headers)
           @description = args[:description] if args.key?(:description)
           @enable_cdn = args[:enable_cdn] if args.key?(:enable_cdn)
           @id = args[:id] if args.key?(:id)
@@ -2902,6 +2920,85 @@ module Google
       class BackendBucketCdnPolicy
         include Google::Apis::Core::Hashable
       
+        # Bypass the cache when the specified request headers are matched - e.g. Pragma
+        # or Authorization headers. Up to 5 headers can be specified. The cache is
+        # bypassed for all cdnPolicy.cacheMode settings.
+        # Corresponds to the JSON property `bypassCacheOnRequestHeaders`
+        # @return [Array<Google::Apis::ComputeAlpha::BackendBucketCdnPolicyBypassCacheOnRequestHeader>]
+        attr_accessor :bypass_cache_on_request_headers
+      
+        # Specifies the cache setting for all responses from this backend. The possible
+        # values are:
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache
+        # content. Responses without these headers will not be cached at Google's edge,
+        # and will require a full trip to the origin on every request, potentially
+        # impacting performance and increasing load on the origin server.
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-
+        # cache" directives in Cache-Control response headers. Warning: this may result
+        # in Cloud CDN caching private, per-user (user identifiable) content.
+        # CACHE_ALL_STATIC Automatically cache static content, including common image
+        # formats, media (video and audio), and web assets (JavaScript and CSS).
+        # Requests and responses that are marked as uncacheable, as well as dynamic
+        # content (including HTML), will not be cached.
+        # Corresponds to the JSON property `cacheMode`
+        # @return [String]
+        attr_accessor :cache_mode
+      
+        # Specifies a separate client (e.g. browser client) TTL, separate from the TTL
+        # for Cloud CDN's edge caches. Leaving this empty will use the same cache TTL
+        # for both Cloud CDN and the client-facing response. The maximum allowed value
+        # is 86400s (1 day).
+        # Corresponds to the JSON property `clientTtl`
+        # @return [Fixnum]
+        attr_accessor :client_ttl
+      
+        # Specifies the default TTL for cached content served by this origin for
+        # responses that do not have an existing valid TTL (max-age or s-max-age).
+        # Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot
+        # be set to a value greater than that of maxTTL, but can be equal. When the
+        # cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set
+        # in all responses. The maximum allowed value is 31,622,400s (1 year), noting
+        # that infrequently accessed objects may be evicted from the cache before the
+        # defined TTL.
+        # Corresponds to the JSON property `defaultTtl`
+        # @return [Fixnum]
+        attr_accessor :default_ttl
+      
+        # Specifies the maximum allowed TTL for cached content served by this origin.
+        # Cache directives that attempt to set a max-age or s-maxage higher than this,
+        # or an Expires header more than maxTTL seconds in the future will be capped at
+        # the value of maxTTL, as if it were the value of an s-maxage Cache-Control
+        # directive. Headers sent to the client will not be modified. Setting a TTL of "
+        # 0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year)
+        # , noting that infrequently accessed objects may be evicted from the cache
+        # before the defined TTL.
+        # Corresponds to the JSON property `maxTtl`
+        # @return [Fixnum]
+        attr_accessor :max_ttl
+      
+        # Negative caching allows per-status code TTLs to be set, in order to apply fine-
+        # grained caching for common errors or redirects. This can reduce the load on
+        # your origin and improve end-user experience by reducing response latency. By
+        # default, Cloud CDN will apply the following default TTLs to these status codes:
+        # HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not
+        # Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method
+        # Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s These
+        # defaults can be overridden in negative_caching_policy
+        # Corresponds to the JSON property `negativeCaching`
+        # @return [Boolean]
+        attr_accessor :negative_caching
+        alias_method :negative_caching?, :negative_caching
+      
+        # Sets a cache TTL for the specified HTTP status code. negative_caching must be
+        # enabled to configure negative_caching_policy. Omitting the policy and leaving
+        # negative_caching enabled will use Cloud CDN's default cache TTLs. Note that
+        # when specifying an explicit negative_caching_policy, you should take care to
+        # specify a cache TTL for all response codes that you wish to cache. Cloud CDN
+        # will not apply any default negative caching when a policy exists.
+        # Corresponds to the JSON property `negativeCachingPolicy`
+        # @return [Array<Google::Apis::ComputeAlpha::BackendBucketCdnPolicyNegativeCachingPolicy>]
+        attr_accessor :negative_caching_policy
+      
         # If true then Cloud CDN will combine multiple concurrent cache fill requests
         # into a small number of requests to the origin.
         # Corresponds to the JSON property `requestCoalescing`
@@ -2909,6 +3006,18 @@ module Google
         attr_accessor :request_coalescing
         alias_method :request_coalescing?, :request_coalescing
       
+        # Serve existing content from the cache (if available) when revalidating content
+        # with the origin, or when an error is encountered when refreshing the cache.
+        # This setting defines the default "max-stale" duration for any cached responses
+        # that do not specify a max-stale directive. Stale responses that exceed the TTL
+        # configured here will not be served. The default limit (max-stale) is 86400s (1
+        # day), which will allow stale content to be served up to this limit beyond the
+        # max-age (or s-max-age) of a cached response. The maximum allowed value is
+        # 604800 (1 week). Set this to zero (0) to disable serve-while-stale.
+        # Corresponds to the JSON property `serveWhileStale`
+        # @return [Fixnum]
+        attr_accessor :serve_while_stale
+      
         # Maximum number of seconds the response to a signed URL request will be
         # considered fresh. After this time period, the response will be revalidated
         # before being served. Defaults to 1hr (3600s). When serving responses to signed
@@ -2931,12 +3040,71 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @bypass_cache_on_request_headers = args[:bypass_cache_on_request_headers] if args.key?(:bypass_cache_on_request_headers)
+          @cache_mode = args[:cache_mode] if args.key?(:cache_mode)
+          @client_ttl = args[:client_ttl] if args.key?(:client_ttl)
+          @default_ttl = args[:default_ttl] if args.key?(:default_ttl)
+          @max_ttl = args[:max_ttl] if args.key?(:max_ttl)
+          @negative_caching = args[:negative_caching] if args.key?(:negative_caching)
+          @negative_caching_policy = args[:negative_caching_policy] if args.key?(:negative_caching_policy)
           @request_coalescing = args[:request_coalescing] if args.key?(:request_coalescing)
+          @serve_while_stale = args[:serve_while_stale] if args.key?(:serve_while_stale)
           @signed_url_cache_max_age_sec = args[:signed_url_cache_max_age_sec] if args.key?(:signed_url_cache_max_age_sec)
           @signed_url_key_names = args[:signed_url_key_names] if args.key?(:signed_url_key_names)
         end
       end
       
+      # Bypass the cache when the specified request headers are present, e.g. Pragma
+      # or Authorization headers. Values are case insensitive. The presence of such a
+      # header overrides the cache_mode setting.
+      class BackendBucketCdnPolicyBypassCacheOnRequestHeader
+        include Google::Apis::Core::Hashable
+      
+        # The header field name to match on when bypassing cache. Values are case-
+        # insensitive.
+        # Corresponds to the JSON property `headerName`
+        # @return [String]
+        attr_accessor :header_name
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @header_name = args[:header_name] if args.key?(:header_name)
+        end
+      end
+      
+      # Specify CDN TTLs for response error codes.
+      class BackendBucketCdnPolicyNegativeCachingPolicy
+        include Google::Apis::Core::Hashable
+      
+        # The HTTP status code to define a TTL against. Only HTTP status codes 300, 301,
+        # 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you
+        # cannot specify a status code more than once.
+        # Corresponds to the JSON property `code`
+        # @return [Fixnum]
+        attr_accessor :code
+      
+        # The TTL (in seconds) to cache responses with the corresponding status code for.
+        # The maximum allowed value is 1800s (30 minutes), noting that infrequently
+        # accessed objects may be evicted from the cache before the defined TTL.
+        # Corresponds to the JSON property `ttl`
+        # @return [Fixnum]
+        attr_accessor :ttl
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @code = args[:code] if args.key?(:code)
+          @ttl = args[:ttl] if args.key?(:ttl)
+        end
+      end
+      
       # Contains a list of BackendBucket resources.
       class BackendBucketList
         include Google::Apis::Core::Hashable
@@ -3070,8 +3238,13 @@ module Google
       class BackendService
         include Google::Apis::Core::Hashable
       
+        # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is
+        # EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or
+        # HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
         # If set to 0, the cookie is non-persistent and lasts only until the end of the
         # browser session (or equivalent). The maximum allowed value is one day (86,400).
+        # Not supported when the backend service is referenced by a URL map that is
+        # bound to target gRPC proxy that has validateForProxyless field set to true.
         # Corresponds to the JSON property `affinityCookieTtlSec`
         # @return [Fixnum]
         attr_accessor :affinity_cookie_ttl_sec
@@ -3111,6 +3284,11 @@ module Google
         # @return [Array<String>]
         attr_accessor :custom_request_headers
       
+        # Headers that the HTTP/S load balancer should add to proxied responses.
+        # Corresponds to the JSON property `customResponseHeaders`
+        # @return [Array<String>]
+        attr_accessor :custom_response_headers
+      
         # An optional description of this resource. Provide this property when you
         # create the resource.
         # Corresponds to the JSON property `description`
@@ -3150,10 +3328,10 @@ module Google
         # The list of URLs to the healthChecks, httpHealthChecks (legacy), or
         # httpsHealthChecks (legacy) resource for health checking this backend service.
         # Not all backend services support legacy health checks. See  Load balancer
-        # guide. Currently at most one health check can be specified. Backend services
-        # with instance group or zonal NEG backends must have a health check. Backend
-        # services with internet NEG backends must not have a health check. A health
-        # check must
+        # guide. Currently, at most one health check can be specified for each backend
+        # service. Backend services with instance group or zonal NEG backends must have
+        # a health check. Backend services with internet or serverless NEG backends must
+        # not have a health check.
         # Corresponds to the JSON property `healthChecks`
         # @return [Array<String>]
         attr_accessor :health_checks
@@ -3208,8 +3386,11 @@ module Google
         # HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
         # - A global backend service with the load_balancing_scheme set to
         # INTERNAL_SELF_MANAGED.
-        # If sessionAffinity is not NONE, and this field is not set to >MAGLEV or
+        # If sessionAffinity is not NONE, and this field is not set to MAGLEV or
         # RING_HASH, session affinity settings will not take effect.
+        # Only the default ROUND_ROBIN policy is supported when the backend service is
+        # referenced by a URL map that is bound to target gRPC proxy that has
+        # validateForProxyless field set to true.
         # Corresponds to the JSON property `localityLbPolicy`
         # @return [String]
         attr_accessor :locality_lb_policy
@@ -3262,10 +3443,12 @@ module Google
         attr_accessor :port_name
       
         # The protocol this BackendService uses to communicate with backends.
-        # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, or UDP. depending on the
-        # chosen load balancer or Traffic Director configuration. Refer to the
+        # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on
+        # the chosen load balancer or Traffic Director configuration. Refer to the
         # documentation for the load balancer or for Traffic Director for more
         # information.
+        # Must be set to GRPC when the backend service is referenced by a URL map that
+        # is bound to target gRPC proxy.
         # Corresponds to the JSON property `protocol`
         # @return [String]
         attr_accessor :protocol
@@ -3309,10 +3492,17 @@ module Google
         # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED,
         # possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or
         # HTTP_COOKIE.
+        # Not supported when the backend service is referenced by a URL map that is
+        # bound to target gRPC proxy that has validateForProxyless field set to true.
         # Corresponds to the JSON property `sessionAffinity`
         # @return [String]
         attr_accessor :session_affinity
       
+        # Subsetting options to make L4 ILB support any number of backend instances
+        # Corresponds to the JSON property `subsetting`
+        # @return [Google::Apis::ComputeAlpha::Subsetting]
+        attr_accessor :subsetting
+      
         # The backend service timeout has a different meaning depending on the type of
         # load balancer. For more information see,  Backend service settings The default
         # is 30 seconds.
@@ -3334,6 +3524,7 @@ module Google
           @consistent_hash = args[:consistent_hash] if args.key?(:consistent_hash)
           @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
           @custom_request_headers = args[:custom_request_headers] if args.key?(:custom_request_headers)
+          @custom_response_headers = args[:custom_response_headers] if args.key?(:custom_response_headers)
           @description = args[:description] if args.key?(:description)
           @enable_cdn = args[:enable_cdn] if args.key?(:enable_cdn)
           @failover_policy = args[:failover_policy] if args.key?(:failover_policy)
@@ -3357,6 +3548,7 @@ module Google
           @self_link = args[:self_link] if args.key?(:self_link)
           @self_link_with_id = args[:self_link_with_id] if args.key?(:self_link_with_id)
           @session_affinity = args[:session_affinity] if args.key?(:session_affinity)
+          @subsetting = args[:subsetting] if args.key?(:subsetting)
           @timeout_sec = args[:timeout_sec] if args.key?(:timeout_sec)
         end
       end
@@ -3488,12 +3680,91 @@ module Google
       class BackendServiceCdnPolicy
         include Google::Apis::Core::Hashable
       
+        # Bypass the cache when the specified request headers are matched - e.g. Pragma
+        # or Authorization headers. Up to 5 headers can be specified. The cache is
+        # bypassed for all cdnPolicy.cacheMode settings.
+        # Corresponds to the JSON property `bypassCacheOnRequestHeaders`
+        # @return [Array<Google::Apis::ComputeAlpha::BackendServiceCdnPolicyBypassCacheOnRequestHeader>]
+        attr_accessor :bypass_cache_on_request_headers
+      
         # Message containing what to include in the cache key for a request for Cloud
         # CDN.
         # Corresponds to the JSON property `cacheKeyPolicy`
         # @return [Google::Apis::ComputeAlpha::CacheKeyPolicy]
         attr_accessor :cache_key_policy
       
+        # Specifies the cache setting for all responses from this backend. The possible
+        # values are:
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache
+        # content. Responses without these headers will not be cached at Google's edge,
+        # and will require a full trip to the origin on every request, potentially
+        # impacting performance and increasing load on the origin server.
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-
+        # cache" directives in Cache-Control response headers. Warning: this may result
+        # in Cloud CDN caching private, per-user (user identifiable) content.
+        # CACHE_ALL_STATIC Automatically cache static content, including common image
+        # formats, media (video and audio), and web assets (JavaScript and CSS).
+        # Requests and responses that are marked as uncacheable, as well as dynamic
+        # content (including HTML), will not be cached.
+        # Corresponds to the JSON property `cacheMode`
+        # @return [String]
+        attr_accessor :cache_mode
+      
+        # Specifies a separate client (e.g. browser client) TTL, separate from the TTL
+        # for Cloud CDN's edge caches. Leaving this empty will use the same cache TTL
+        # for both Cloud CDN and the client-facing response. The maximum allowed value
+        # is 86400s (1 day).
+        # Corresponds to the JSON property `clientTtl`
+        # @return [Fixnum]
+        attr_accessor :client_ttl
+      
+        # Specifies the default TTL for cached content served by this origin for
+        # responses that do not have an existing valid TTL (max-age or s-max-age).
+        # Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot
+        # be set to a value greater than that of maxTTL, but can be equal. When the
+        # cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set
+        # in all responses. The maximum allowed value is 31,622,400s (1 year), noting
+        # that infrequently accessed objects may be evicted from the cache before the
+        # defined TTL.
+        # Corresponds to the JSON property `defaultTtl`
+        # @return [Fixnum]
+        attr_accessor :default_ttl
+      
+        # Specifies the maximum allowed TTL for cached content served by this origin.
+        # Cache directives that attempt to set a max-age or s-maxage higher than this,
+        # or an Expires header more than maxTTL seconds in the future will be capped at
+        # the value of maxTTL, as if it were the value of an s-maxage Cache-Control
+        # directive. Headers sent to the client will not be modified. Setting a TTL of "
+        # 0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year)
+        # , noting that infrequently accessed objects may be evicted from the cache
+        # before the defined TTL.
+        # Corresponds to the JSON property `maxTtl`
+        # @return [Fixnum]
+        attr_accessor :max_ttl
+      
+        # Negative caching allows per-status code TTLs to be set, in order to apply fine-
+        # grained caching for common errors or redirects. This can reduce the load on
+        # your origin and improve end-user experience by reducing response latency. By
+        # default, Cloud CDN will apply the following default TTLs to these status codes:
+        # HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not
+        # Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method
+        # Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s These
+        # defaults can be overridden in negative_caching_policy
+        # Corresponds to the JSON property `negativeCaching`
+        # @return [Boolean]
+        attr_accessor :negative_caching
+        alias_method :negative_caching?, :negative_caching
+      
+        # Sets a cache TTL for the specified HTTP status code. negative_caching must be
+        # enabled to configure negative_caching_policy. Omitting the policy and leaving
+        # negative_caching enabled will use Cloud CDN's default cache TTLs. Note that
+        # when specifying an explicit negative_caching_policy, you should take care to
+        # specify a cache TTL for all response codes that you wish to cache. Cloud CDN
+        # will not apply any default negative caching when a policy exists.
+        # Corresponds to the JSON property `negativeCachingPolicy`
+        # @return [Array<Google::Apis::ComputeAlpha::BackendServiceCdnPolicyNegativeCachingPolicy>]
+        attr_accessor :negative_caching_policy
+      
         # If true then Cloud CDN will combine multiple concurrent cache fill requests
         # into a small number of requests to the origin.
         # Corresponds to the JSON property `requestCoalescing`
@@ -3501,6 +3772,18 @@ module Google
         attr_accessor :request_coalescing
         alias_method :request_coalescing?, :request_coalescing
       
+        # Serve existing content from the cache (if available) when revalidating content
+        # with the origin, or when an error is encountered when refreshing the cache.
+        # This setting defines the default "max-stale" duration for any cached responses
+        # that do not specify a max-stale directive. Stale responses that exceed the TTL
+        # configured here will not be served. The default limit (max-stale) is 86400s (1
+        # day), which will allow stale content to be served up to this limit beyond the
+        # max-age (or s-max-age) of a cached response. The maximum allowed value is
+        # 604800 (1 week). Set this to zero (0) to disable serve-while-stale.
+        # Corresponds to the JSON property `serveWhileStale`
+        # @return [Fixnum]
+        attr_accessor :serve_while_stale
+      
         # Maximum number of seconds the response to a signed URL request will be
         # considered fresh. After this time period, the response will be revalidated
         # before being served. Defaults to 1hr (3600s). When serving responses to signed
@@ -3523,13 +3806,72 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @bypass_cache_on_request_headers = args[:bypass_cache_on_request_headers] if args.key?(:bypass_cache_on_request_headers)
           @cache_key_policy = args[:cache_key_policy] if args.key?(:cache_key_policy)
+          @cache_mode = args[:cache_mode] if args.key?(:cache_mode)
+          @client_ttl = args[:client_ttl] if args.key?(:client_ttl)
+          @default_ttl = args[:default_ttl] if args.key?(:default_ttl)
+          @max_ttl = args[:max_ttl] if args.key?(:max_ttl)
+          @negative_caching = args[:negative_caching] if args.key?(:negative_caching)
+          @negative_caching_policy = args[:negative_caching_policy] if args.key?(:negative_caching_policy)
           @request_coalescing = args[:request_coalescing] if args.key?(:request_coalescing)
+          @serve_while_stale = args[:serve_while_stale] if args.key?(:serve_while_stale)
           @signed_url_cache_max_age_sec = args[:signed_url_cache_max_age_sec] if args.key?(:signed_url_cache_max_age_sec)
           @signed_url_key_names = args[:signed_url_key_names] if args.key?(:signed_url_key_names)
         end
       end
       
+      # Bypass the cache when the specified request headers are present, e.g. Pragma
+      # or Authorization headers. Values are case insensitive. The presence of such a
+      # header overrides the cache_mode setting.
+      class BackendServiceCdnPolicyBypassCacheOnRequestHeader
+        include Google::Apis::Core::Hashable
+      
+        # The header field name to match on when bypassing cache. Values are case-
+        # insensitive.
+        # Corresponds to the JSON property `headerName`
+        # @return [String]
+        attr_accessor :header_name
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @header_name = args[:header_name] if args.key?(:header_name)
+        end
+      end
+      
+      # Specify CDN TTLs for response error codes.
+      class BackendServiceCdnPolicyNegativeCachingPolicy
+        include Google::Apis::Core::Hashable
+      
+        # The HTTP status code to define a TTL against. Only HTTP status codes 300, 301,
+        # 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you
+        # cannot specify a status code more than once.
+        # Corresponds to the JSON property `code`
+        # @return [Fixnum]
+        attr_accessor :code
+      
+        # The TTL (in seconds) to cache responses with the corresponding status code for.
+        # The maximum allowed value is 1800s (30 minutes), noting that infrequently
+        # accessed objects may be evicted from the cache before the defined TTL.
+        # Corresponds to the JSON property `ttl`
+        # @return [Fixnum]
+        attr_accessor :ttl
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @code = args[:code] if args.key?(:code)
+          @ttl = args[:ttl] if args.key?(:ttl)
+        end
+      end
+      
       # Applicable only to Failover for Internal TCP/UDP Load Balancing. On failover
       # or failback, this field indicates whether connection draining will be honored.
       # GCP has a fixed connection draining timeout of 10 minutes. A setting of true
@@ -4231,6 +4573,12 @@ module Google
       class Binding
         include Google::Apis::Core::Hashable
       
+        # A client-specified ID for this binding. Expected to be globally unique to
+        # support the internal bindings-by-ID API.
+        # Corresponds to the JSON property `bindingId`
+        # @return [String]
+        attr_accessor :binding_id
+      
         # Represents a textual expression in the Common Expression Language (CEL) syntax.
         # CEL is a C-like expression language. The syntax and semantics of CEL are
         # documented at https://github.com/google/cel-spec.
@@ -4301,6 +4649,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @binding_id = args[:binding_id] if args.key?(:binding_id)
           @condition = args[:condition] if args.key?(:condition)
           @members = args[:members] if args.key?(:members)
           @role = args[:role] if args.key?(:role)
@@ -5330,7 +5679,7 @@ module Google
         end
       end
       
-      # Represents a customer-supplied encryption key
+      # 
       class CustomerEncryptionKey
         include Google::Apis::Core::Hashable
       
@@ -5387,7 +5736,7 @@ module Google
       class CustomerEncryptionKeyProtectedDisk
         include Google::Apis::Core::Hashable
       
-        # Represents a customer-supplied encryption key
+        # Decrypts data associated with the disk with a customer-supplied encryption key.
         # Corresponds to the JSON property `diskEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :disk_encryption_key
@@ -5491,7 +5840,16 @@ module Google
         # @return [String]
         attr_accessor :description
       
-        # Represents a customer-supplied encryption key
+        # Encrypts the disk using a customer-supplied encryption key.
+        # After you encrypt a disk with a customer-supplied key, you must provide the
+        # same key if you use the disk later (e.g. to create a disk snapshot, to create
+        # a disk image, to create a machine image, or to attach the disk to a virtual
+        # machine).
+        # Customer-supplied encryption keys do not protect access to metadata of the
+        # disk.
+        # If you do not provide an encryption key when creating the disk, then the disk
+        # will be encrypted using an automatically generated key and you do not need to
+        # provide a key to use the disk later.
         # Corresponds to the JSON property `diskEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :disk_encryption_key
@@ -5618,6 +5976,12 @@ module Google
         # @return [Array<String>]
         attr_accessor :resource_policies
       
+        # [Output Only] Reserved for future use.
+        # Corresponds to the JSON property `satisfiesPzs`
+        # @return [Boolean]
+        attr_accessor :satisfies_pzs
+        alias_method :satisfies_pzs?, :satisfies_pzs
+      
         # [Output Only] Server-defined fully-qualified URL for this resource.
         # Corresponds to the JSON property `selfLink`
         # @return [String]
@@ -5628,12 +5992,11 @@ module Google
         # @return [String]
         attr_accessor :self_link_with_id
       
-        # Size of the persistent disk, specified in GB. You can specify this field when
-        # creating a persistent disk using the sourceImage or sourceSnapshot parameter,
-        # or specify it alone to create an empty persistent disk.
-        # If you specify this field along with sourceImage or sourceSnapshot, the value
-        # of sizeGb must not be less than the size of the sourceImage or the size of the
-        # snapshot. Acceptable values are 1 to 65536, inclusive.
+        # Size, in GB, of the persistent disk. You can specify this field when creating
+        # a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk
+        # parameter, or specify it alone to create an empty persistent disk.
+        # If you specify this field along with a source, the value of sizeGb must not be
+        # less than the size of the source. Acceptable values are 1 to 65536, inclusive.
         # Corresponds to the JSON property `sizeGb`
         # @return [Fixnum]
         attr_accessor :size_gb
@@ -5675,7 +6038,8 @@ module Google
         # @return [String]
         attr_accessor :source_image
       
-        # Represents a customer-supplied encryption key
+        # The customer-supplied encryption key of the source image. Required if the
+        # source image is protected by a customer-supplied encryption key.
         # Corresponds to the JSON property `sourceImageEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :source_image_encryption_key
@@ -5689,9 +6053,9 @@ module Google
         # @return [String]
         attr_accessor :source_image_id
       
-        # The source in-place snapshot used to create this disk. You can provide this as
-        # a partial or full URL to the resource. For example, the following are valid
-        # values:
+        # [Deprecated] The source in-place snapshot used to create this disk. You can
+        # provide this as a partial or full URL to the resource. For example, the
+        # following are valid values:
         # - https://www.googleapis.com/compute/v1/projects/project/global/
         # inPlaceSnapshots/inPlaceSnapshots
         # - projects/project/global/inPlaceSnapshots/inPlaceSnapshots
@@ -5700,16 +6064,37 @@ module Google
         # @return [String]
         attr_accessor :source_in_place_snapshot
       
-        # [Output Only] The unique ID of the in-place snapshot used to create this disk.
-        # This value identifies the exact in-place snapshot that was used to create this
-        # persistent disk. For example, if you created the persistent disk from an in-
-        # place snapshot that was later deleted and recreated under the same name, the
-        # source in-place snapshot ID would identify the exact version of the in-place
-        # snapshot that was used.
+        # [Deprecated] [Output Only] The unique ID of the in-place snapshot used to
+        # create this disk. This value identifies the exact in-place snapshot that was
+        # used to create this persistent disk. For example, if you created the
+        # persistent disk from an in-place snapshot that was later deleted and recreated
+        # under the same name, the source in-place snapshot ID would identify the exact
+        # version of the in-place snapshot that was used.
         # Corresponds to the JSON property `sourceInPlaceSnapshotId`
         # @return [String]
         attr_accessor :source_in_place_snapshot_id
       
+        # The source instant snapshot used to create this disk. You can provide this as
+        # a partial or full URL to the resource. For example, the following are valid
+        # values:
+        # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/
+        # instantSnapshots/instantSnapshot
+        # - projects/project/zones/zone/instantSnapshots/instantSnapshot
+        # - zones/zone/instantSnapshots/instantSnapshot
+        # Corresponds to the JSON property `sourceInstantSnapshot`
+        # @return [String]
+        attr_accessor :source_instant_snapshot
+      
+        # [Output Only] The unique ID of the instant snapshot used to create this disk.
+        # This value identifies the exact instant snapshot that was used to create this
+        # persistent disk. For example, if you created the persistent disk from an
+        # instant snapshot that was later deleted and recreated under the same name, the
+        # source instant snapshot ID would identify the exact version of the instant
+        # snapshot that was used.
+        # Corresponds to the JSON property `sourceInstantSnapshotId`
+        # @return [String]
+        attr_accessor :source_instant_snapshot_id
+      
         # The source snapshot used to create this disk. You can provide this as a
         # partial or full URL to the resource. For example, the following are valid
         # values:
@@ -5721,7 +6106,8 @@ module Google
         # @return [String]
         attr_accessor :source_snapshot
       
-        # Represents a customer-supplied encryption key
+        # The customer-supplied encryption key of the source snapshot. Required if the
+        # source snapshot is protected by a customer-supplied encryption key.
         # Corresponds to the JSON property `sourceSnapshotEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :source_snapshot_encryption_key
@@ -5762,6 +6148,15 @@ module Google
         # @return [String]
         attr_accessor :type
       
+        # A list of publicly visible user-licenses. Unlike regular licenses, user
+        # provided licenses can be modified after the disk is created. This includes a
+        # list of URLs to the license resource. For example, to provide a debian license:
+        # https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/
+        # debian-9-stretch
+        # Corresponds to the JSON property `userLicenses`
+        # @return [Array<String>]
+        attr_accessor :user_licenses
+      
         # [Output Only] Links to the users of the disk (attached instances) in form:
         # projects/project/zones/zone/instances/instance
         # Corresponds to the JSON property `users`
@@ -5803,6 +6198,7 @@ module Google
           @region = args[:region] if args.key?(:region)
           @replica_zones = args[:replica_zones] if args.key?(:replica_zones)
           @resource_policies = args[:resource_policies] if args.key?(:resource_policies)
+          @satisfies_pzs = args[:satisfies_pzs] if args.key?(:satisfies_pzs)
           @self_link = args[:self_link] if args.key?(:self_link)
           @self_link_with_id = args[:self_link_with_id] if args.key?(:self_link_with_id)
           @size_gb = args[:size_gb] if args.key?(:size_gb)
@@ -5813,6 +6209,8 @@ module Google
           @source_image_id = args[:source_image_id] if args.key?(:source_image_id)
           @source_in_place_snapshot = args[:source_in_place_snapshot] if args.key?(:source_in_place_snapshot)
           @source_in_place_snapshot_id = args[:source_in_place_snapshot_id] if args.key?(:source_in_place_snapshot_id)
+          @source_instant_snapshot = args[:source_instant_snapshot] if args.key?(:source_instant_snapshot)
+          @source_instant_snapshot_id = args[:source_instant_snapshot_id] if args.key?(:source_instant_snapshot_id)
           @source_snapshot = args[:source_snapshot] if args.key?(:source_snapshot)
           @source_snapshot_encryption_key = args[:source_snapshot_encryption_key] if args.key?(:source_snapshot_encryption_key)
           @source_snapshot_id = args[:source_snapshot_id] if args.key?(:source_snapshot_id)
@@ -5820,6 +6218,7 @@ module Google
           @status = args[:status] if args.key?(:status)
           @storage_type = args[:storage_type] if args.key?(:storage_type)
           @type = args[:type] if args.key?(:type)
+          @user_licenses = args[:user_licenses] if args.key?(:user_licenses)
           @users = args[:users] if args.key?(:users)
           @zone = args[:zone] if args.key?(:zone)
         end
@@ -8251,6 +8650,8 @@ module Google
         # IP address that you can use. For detailed information, refer to [IP address
         # specifications](/load-balancing/docs/forwarding-rule-concepts#
         # ip_address_specifications).
+        # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has
+        # validateForProxyless field set to true.
         # Corresponds to the JSON property `IPAddress`
         # @return [String]
         attr_accessor :ip_address
@@ -8389,7 +8790,7 @@ module Google
       
         # Opaque filter criteria used by Loadbalancer to restrict routing configuration
         # to a limited set of xDS compliant clients. In their xDS requests to
-        # Loadbalancer, xDS clients present node metadata. If a match takes place, the
+        # Loadbalancer, xDS clients present node metadata. When there is a match, the
         # relevant configuration is made available to those proxies. Otherwise, all the
         # resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will
         # not be visible to those proxies.
@@ -8397,7 +8798,8 @@ module Google
         # MATCH_ANY, at least one of the filterLabels must match the corresponding label
         # provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then
         # all of its filterLabels must match with corresponding labels provided in the
-        # metadata.
+        # metadata. If multiple metadataFilters are specified, all of them need to be
+        # satisfied in order to be considered a match.
         # metadataFilters specified here will be applifed before those specified in the
         # UrlMap that this ForwardingRule references.
         # metadataFilters only applies to Loadbalancers that have their
@@ -8417,9 +8819,9 @@ module Google
         attr_accessor :name
       
         # This field is not used for external load balancing.
-        # For INTERNAL and INTERNAL_SELF_MANAGED load balancing, this field identifies
-        # the network that the load balanced IP should belong to for this Forwarding
-        # Rule. If this field is not specified, the default network will be used.
+        # For internal load balancing, this field identifies the network that the load
+        # balanced IP should belong to for this Forwarding Rule. If this field is not
+        # specified, the default network will be used.
         # Corresponds to the JSON property `network`
         # @return [String]
         attr_accessor :network
@@ -8439,13 +8841,14 @@ module Google
         # that points to a target proxy or a target pool. Do not use with a forwarding
         # rule that points to a backend service. This field is used along with the
         # target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy,
-        # TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance.
+        # TargetTcpProxy, TargetGrpcProxy, TargetVpnGateway, TargetPool, TargetInstance.
         # Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed
         # to ports in the specified range will be forwarded to target. Forwarding rules
         # with the same [IPAddress, IPProtocol] pair must have disjoint port ranges.
         # Some types of forwarding target have constraints on the acceptable ports:
         # - TargetHttpProxy: 80, 8080
         # - TargetHttpsProxy: 443
+        # - TargetGrpcProxy: Any ports
         # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688,
         # 1883, 5222
         # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688,
@@ -8487,6 +8890,12 @@ module Google
         # @return [String]
         attr_accessor :self_link_with_id
       
+        # Service Directory resources to register this forwarding rule with. Currently,
+        # only supports a single Service Directory resource.
+        # Corresponds to the JSON property `serviceDirectoryRegistrations`
+        # @return [Array<Google::Apis::ComputeAlpha::ForwardingRuleServiceDirectoryRegistration>]
+        attr_accessor :service_directory_registrations
+      
         # An optional prefix to the service name for this Forwarding Rule. If specified,
         # the prefix is the first label of the fully qualified service name.
         # The label must be 1-63 characters long, and comply with RFC1035. Specifically,
@@ -8506,7 +8915,7 @@ module Google
         # @return [String]
         attr_accessor :service_name
       
-        # This field is only used for INTERNAL load balancing.
+        # This field is only used for internal load balancing.
         # For internal load balancing, this field identifies the subnetwork that the
         # load balanced IP should belong to for this Forwarding Rule.
         # If the network specified is in auto subnet mode, this field is optional.
@@ -8517,11 +8926,11 @@ module Google
         attr_accessor :subnetwork
       
         # The URL of the target resource to receive the matched traffic. For regional
-        # forwarding rules, this target must live in the same region as the forwarding
+        # forwarding rules, this target must be in the same region as the forwarding
         # rule. For global forwarding rules, this target must be a global load balancing
         # resource. The forwarded traffic must be of a type appropriate to the target
-        # object. For INTERNAL_SELF_MANAGED load balancing, only targetHttpProxy is
-        # valid, not targetHttpsProxy.
+        # object. For more information, see the "Target" column in [Port specifications](
+        # /load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
         # Corresponds to the JSON property `target`
         # @return [String]
         attr_accessor :target
@@ -8556,6 +8965,7 @@ module Google
           @region = args[:region] if args.key?(:region)
           @self_link = args[:self_link] if args.key?(:self_link)
           @self_link_with_id = args[:self_link_with_id] if args.key?(:self_link_with_id)
+          @service_directory_registrations = args[:service_directory_registrations] if args.key?(:service_directory_registrations)
           @service_label = args[:service_label] if args.key?(:service_label)
           @service_name = args[:service_name] if args.key?(:service_name)
           @subnetwork = args[:subnetwork] if args.key?(:subnetwork)
@@ -8823,6 +9233,33 @@ module Google
         end
       end
       
+      # Describes the auto-registration of the Forwarding Rule to Service Directory.
+      # The region and project of the Service Directory resource generated from this
+      # registration will be the same as this Forwarding Rule.
+      class ForwardingRuleServiceDirectoryRegistration
+        include Google::Apis::Core::Hashable
+      
+        # Service Directory namespace to register the forwarding rule under.
+        # Corresponds to the JSON property `namespace`
+        # @return [String]
+        attr_accessor :namespace
+      
+        # Service Directory service to register the forwarding rule under.
+        # Corresponds to the JSON property `service`
+        # @return [String]
+        attr_accessor :service
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @namespace = args[:namespace] if args.key?(:namespace)
+          @service = args[:service] if args.key?(:service)
+        end
+      end
+      
       # 
       class ForwardingRulesScopedList
         include Google::Apis::Core::Hashable
@@ -10429,6 +10866,8 @@ module Google
         # port numbers in the format host:port. * matches any string of ([a-z0-9-.]*).
         # In that case, * must be the first character and must be followed in the
         # pattern by either - or ..
+        # * based matching is not supported when the URL map is bound to target gRPC
+        # proxy that has validateForProxyless field set to true.
         # Corresponds to the JSON property `hosts`
         # @return [Array<String>]
         attr_accessor :hosts
@@ -10634,6 +11073,13 @@ module Google
         # For matching against the HTTP request's authority, use a headerMatch with the
         # header name ":authority".
         # For matching a request's method, use the headerName ":method".
+        # When the URL map is bound to target gRPC proxy that has validateForProxyless
+        # field set to true, only non-binary user-specified custom metadata and the `
+        # content-type` header are supported. The following transport-level headers
+        # cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:
+        # scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-
+        # encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `
+        # grpc-timeout` and `grpc-trace-bin.
         # Corresponds to the JSON property `headerName`
         # @return [String]
         attr_accessor :header_name
@@ -11209,10 +11655,10 @@ module Google
         # A list of weighted backend services to send traffic to when a route match
         # occurs. The weights determine the fraction of traffic that flows to their
         # corresponding backend service. If all traffic needs to go to a single backend
-        # service, there must be one  weightedBackendService with weight set to a non 0
-        # number.
+        # service, there must be one  weightedBackendService with weight set to a non-
+        # zero number.
         # Once a backendService is identified and before forwarding the request to the
-        # backend service, advanced routing actions like Url rewrites and header
+        # backend service, advanced routing actions such as URL rewrites and header
         # transformations are applied depending on additional settings specified in this
         # HttpRouteAction.
         # Corresponds to the JSON property `weightedBackendServices`
@@ -11256,6 +11702,8 @@ module Google
         # enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers
         # with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for
         # more details.
+        # Not supported when the URL map is bound to target gRPC proxy that has
+        # validateForProxyless field set to true.
         # Corresponds to the JSON property `httpFilterConfigs`
         # @return [Array<Google::Apis::ComputeAlpha::HttpFilterConfig>]
         attr_accessor :http_filter_configs
@@ -11265,11 +11713,17 @@ module Google
         # Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See
         # ForwardingRule for more details.
         # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+        # Not supported when the URL map is bound to target gRPC proxy that has
+        # validateForProxyless field set to true.
         # Corresponds to the JSON property `httpFilterMetadata`
         # @return [Array<Google::Apis::ComputeAlpha::HttpFilterConfig>]
         attr_accessor :http_filter_metadata
       
-        # 
+        # The list of criteria for matching attributes of a request to this routeRule.
+        # This list has OR semantics: the request matches this routeRule when any of the
+        # matchRules are satisfied. However predicates within a given matchRule have AND
+        # semantics. All predicates within a matchRule must match for the request to
+        # match the rule.
         # Corresponds to the JSON property `matchRules`
         # @return [Array<Google::Apis::ComputeAlpha::HttpRouteRuleMatch>]
         attr_accessor :match_rules
@@ -11297,6 +11751,8 @@ module Google
         # routeAction cannot contain any  weightedBackendServices.
         # Only one of urlRedirect, service or routeAction.weightedBackendService must be
         # set.
+        # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action
+        # within a routeRule's routeAction.
         # Corresponds to the JSON property `routeAction`
         # @return [Google::Apis::ComputeAlpha::HttpRouteAction]
         attr_accessor :route_action
@@ -11359,6 +11815,7 @@ module Google
         # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
         # The default value is false.
         # ignoreCase must not be used with regexMatch.
+        # Not supported when the URL map is bound to target gRPC proxy.
         # Corresponds to the JSON property `ignoreCase`
         # @return [Boolean]
         attr_accessor :ignore_case
@@ -11366,17 +11823,20 @@ module Google
       
         # Opaque filter criteria used by Loadbalancer to restrict routing configuration
         # to a limited set of xDS compliant clients. In their xDS requests to
-        # Loadbalancer, xDS clients present node metadata. If a match takes place, the
+        # Loadbalancer, xDS clients present node metadata. When there is a match, the
         # relevant routing configuration is made available to those proxies.
         # For each metadataFilter in this list, if its filterMatchCriteria is set to
         # MATCH_ANY, at least one of the filterLabels must match the corresponding label
         # provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then
         # all of its filterLabels must match with corresponding labels provided in the
-        # metadata.
+        # metadata. If multiple metadataFilters are specified, all of them need to be
+        # satisfied in order to be considered a match.
         # metadataFilters specified here will be applied after those specified in
         # ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
         # metadataFilters only applies to Loadbalancers that have their
         # loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # Not supported when the URL map is bound to target gRPC proxy that has
+        # validateForProxyless field set to true.
         # Corresponds to the JSON property `metadataFilters`
         # @return [Array<Google::Apis::ComputeAlpha::MetadataFilter>]
         attr_accessor :metadata_filters
@@ -11391,6 +11851,7 @@ module Google
       
         # Specifies a list of query parameter match criteria, all of which must match
         # corresponding query parameters in the request.
+        # Not supported when the URL map is bound to target gRPC proxy.
         # Corresponds to the JSON property `queryParameterMatches`
         # @return [Array<Google::Apis::ComputeAlpha::HttpQueryParameterMatch>]
         attr_accessor :query_parameter_matches
@@ -11705,7 +12166,14 @@ module Google
         # @return [Fixnum]
         attr_accessor :id
       
-        # Represents a customer-supplied encryption key
+        # Encrypts the image using a customer-supplied encryption key.
+        # After you encrypt an image with a customer-supplied key, you must provide the
+        # same key if you use the image later (e.g. to create a disk from the image).
+        # Customer-supplied encryption keys do not protect access to metadata of the
+        # disk.
+        # If you do not provide an encryption key when creating the image, then the disk
+        # will be encrypted using an automatically generated key and you do not need to
+        # provide a key to use the image later.
         # Corresponds to the JSON property `imageEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :image_encryption_key
@@ -11785,7 +12253,8 @@ module Google
         # @return [String]
         attr_accessor :source_disk
       
-        # Represents a customer-supplied encryption key
+        # The customer-supplied encryption key of the source disk. Required if the
+        # source disk is protected by a customer-supplied encryption key.
         # Corresponds to the JSON property `sourceDiskEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :source_disk_encryption_key
@@ -11808,7 +12277,8 @@ module Google
         # @return [String]
         attr_accessor :source_image
       
-        # Represents a customer-supplied encryption key
+        # The customer-supplied encryption key of the source image. Required if the
+        # source image is protected by a customer-supplied encryption key.
         # Corresponds to the JSON property `sourceImageEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :source_image_encryption_key
@@ -11832,7 +12302,8 @@ module Google
         # @return [String]
         attr_accessor :source_snapshot
       
-        # Represents a customer-supplied encryption key
+        # The customer-supplied encryption key of the source snapshot. Required if the
+        # source snapshot is protected by a customer-supplied encryption key.
         # Corresponds to the JSON property `sourceSnapshotEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :source_snapshot_encryption_key
@@ -12454,7 +12925,19 @@ module Google
         # @return [Fixnum]
         attr_accessor :id
       
-        # Represents a customer-supplied encryption key
+        # Encrypts or decrypts data for an instance with a customer-supplied encryption
+        # key.
+        # If you are creating a new instance, this field encrypts the local SSD and in-
+        # memory contents of the instance using a key that you provide.
+        # If you are restarting an instance protected with a customer-supplied
+        # encryption key, you must provide the correct key in order to successfully
+        # restart the instance.
+        # If you do not provide an encryption key when creating the instance, then the
+        # local SSD and in-memory contents will be encrypted using an automatically
+        # generated key and you do not need to provide a key to start the instance later.
+        # Instance templates do not store customer-supplied encryption keys, so you
+        # cannot use your own keys to encrypt local SSDs and in-memory content in a
+        # managed instance group.
         # Corresponds to the JSON property `instanceEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :instance_encryption_key
@@ -12543,7 +13026,7 @@ module Google
         # @return [Array<Google::Apis::ComputeAlpha::NetworkInterface>]
         attr_accessor :network_interfaces
       
-        # Specifies whether this instance will be shut down on key revocation.
+        # PostKeyRevocationActionType of the instance.
         # Corresponds to the JSON property `postKeyRevocationActionType`
         # @return [String]
         attr_accessor :post_key_revocation_action_type
@@ -12569,11 +13052,23 @@ module Google
         # @return [Array<String>]
         attr_accessor :resource_policies
       
-        # Sets the scheduling options for an Instance. NextID: 12
+        # [Output Only] Reserved for future use.
+        # Corresponds to the JSON property `satisfiesPzs`
+        # @return [Boolean]
+        attr_accessor :satisfies_pzs
+        alias_method :satisfies_pzs?, :satisfies_pzs
+      
+        # Sets the scheduling options for an Instance. NextID: 13
         # Corresponds to the JSON property `scheduling`
         # @return [Google::Apis::ComputeAlpha::Scheduling]
         attr_accessor :scheduling
       
+        # Secure labels to apply to this instance. These can be later modified by the
+        # update method. Maximum number of secure labels allowed is 300.
+        # Corresponds to the JSON property `secureLabels`
+        # @return [Array<String>]
+        attr_accessor :secure_labels
+      
         # [Output Only] Server-defined URL for this resource.
         # Corresponds to the JSON property `selfLink`
         # @return [String]
@@ -12620,7 +13115,7 @@ module Google
         # @return [String]
         attr_accessor :source_machine_image
       
-        # Represents a customer-supplied encryption key
+        # Source GMI encryption key when creating an instance from GMI.
         # Corresponds to the JSON property `sourceMachineImageEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :source_machine_image_encryption_key
@@ -12634,7 +13129,8 @@ module Google
       
         # [Output Only] The status of the instance. One of the following values:
         # PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING,
-        # and TERMINATED.
+        # and TERMINATED. For more information about the status of the instance, see
+        # Instance life cycle.
         # Corresponds to the JSON property `status`
         # @return [String]
         attr_accessor :status
@@ -12698,7 +13194,9 @@ module Google
           @private_ipv6_google_access = args[:private_ipv6_google_access] if args.key?(:private_ipv6_google_access)
           @reservation_affinity = args[:reservation_affinity] if args.key?(:reservation_affinity)
           @resource_policies = args[:resource_policies] if args.key?(:resource_policies)
+          @satisfies_pzs = args[:satisfies_pzs] if args.key?(:satisfies_pzs)
           @scheduling = args[:scheduling] if args.key?(:scheduling)
+          @secure_labels = args[:secure_labels] if args.key?(:secure_labels)
           @self_link = args[:self_link] if args.key?(:self_link)
           @self_link_with_id = args[:self_link_with_id] if args.key?(:self_link_with_id)
           @service_accounts = args[:service_accounts] if args.key?(:service_accounts)
@@ -15397,7 +15895,7 @@ module Google
         # @return [Array<Google::Apis::ComputeAlpha::NetworkInterface>]
         attr_accessor :network_interfaces
       
-        # Specifies whether instances will be shut down on key revocation.
+        # PostKeyRevocationActionType of the instance.
         # Corresponds to the JSON property `postKeyRevocationActionType`
         # @return [String]
         attr_accessor :post_key_revocation_action_type
@@ -15419,7 +15917,7 @@ module Google
         # @return [Array<String>]
         attr_accessor :resource_policies
       
-        # Sets the scheduling options for an Instance. NextID: 12
+        # Sets the scheduling options for an Instance. NextID: 13
         # Corresponds to the JSON property `scheduling`
         # @return [Google::Apis::ComputeAlpha::Scheduling]
         attr_accessor :scheduling
@@ -15839,7 +16337,11 @@ module Google
         # @return [Array<Google::Apis::ComputeAlpha::CustomerEncryptionKeyProtectedDisk>]
         attr_accessor :disks
       
-        # Represents a customer-supplied encryption key
+        # Decrypts data associated with an instance that is protected with a customer-
+        # supplied encryption key.
+        # If the instance you are starting is protected with a customer-supplied
+        # encryption key, the correct key must be provided otherwise the instance resume
+        # will not succeed.
         # Corresponds to the JSON property `instanceEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :instance_encryption_key
@@ -16098,7 +16600,11 @@ module Google
         # @return [Array<Google::Apis::ComputeAlpha::CustomerEncryptionKeyProtectedDisk>]
         attr_accessor :disks
       
-        # Represents a customer-supplied encryption key
+        # Decrypts data associated with an instance that is protected with a customer-
+        # supplied encryption key.
+        # If the instance you are starting is protected with a customer-supplied
+        # encryption key, the correct key must be provided otherwise the instance start
+        # will not succeed.
         # Corresponds to the JSON property `instanceEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :instance_encryption_key
@@ -16114,6 +16620,267 @@ module Google
         end
       end
       
+      # Represents a InstantSnapshot resource.
+      # You can use instant snapshots to create disk rollback points quickly.. (==
+      # resource_for `$api_version`.instantSnapshots ==)
+      class InstantSnapshot
+        include Google::Apis::Core::Hashable
+      
+        # [Output Only] Creation timestamp in RFC3339 text format.
+        # Corresponds to the JSON property `creationTimestamp`
+        # @return [String]
+        attr_accessor :creation_timestamp
+      
+        # An optional description of this resource. Provide this property when you
+        # create the resource.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # [Output Only] Size of the source disk, specified in GB.
+        # Corresponds to the JSON property `diskSizeGb`
+        # @return [Fixnum]
+        attr_accessor :disk_size_gb
+      
+        # Whether to attempt an application consistent instant snapshot by informing the
+        # OS to prepare for the snapshot process. Currently only supported on Windows
+        # instances using the Volume Shadow Copy Service (VSS).
+        # Corresponds to the JSON property `guestFlush`
+        # @return [Boolean]
+        attr_accessor :guest_flush
+        alias_method :guest_flush?, :guest_flush
+      
+        # [Output Only] The unique identifier for the resource. This identifier is
+        # defined by the server.
+        # Corresponds to the JSON property `id`
+        # @return [Fixnum]
+        attr_accessor :id
+      
+        # [Output Only] Type of the resource. Always compute#instantSnapshot for
+        # InstantSnapshot resources.
+        # Corresponds to the JSON property `kind`
+        # @return [String]
+        attr_accessor :kind
+      
+        # A fingerprint for the labels being applied to this InstantSnapshot, which is
+        # essentially a hash of the labels set used for optimistic locking. The
+        # fingerprint is initially generated by Compute Engine and changes after every
+        # request to modify or update labels. You must always provide an up-to-date
+        # fingerprint hash in order to update or change labels, otherwise the request
+        # will fail with error 412 conditionNotMet.
+        # To see the latest fingerprint, make a get() request to retrieve a
+        # InstantSnapshot.
+        # Corresponds to the JSON property `labelFingerprint`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :label_fingerprint
+      
+        # Labels to apply to this InstantSnapshot. These can be later modified by the
+        # setLabels method. Label values may be empty.
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # Name of the resource; provided by the client when the resource is created. The
+        # name must be 1-63 characters long, and comply with RFC1035. Specifically, the
+        # name must be 1-63 characters long and match the regular expression `[a-z]([-a-
+        # z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter,
+        # and all following characters must be a dash, lowercase letter, or digit,
+        # except the last character, which cannot be a dash.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # [Output Only] URL of the region where the instant snapshot resides. You must
+        # specify this field as part of the HTTP request URL. It is not settable as a
+        # field in the request body.
+        # Corresponds to the JSON property `region`
+        # @return [String]
+        attr_accessor :region
+      
+        # [Output Only] Server-defined URL for the resource.
+        # Corresponds to the JSON property `selfLink`
+        # @return [String]
+        attr_accessor :self_link
+      
+        # [Output Only] Server-defined URL for this resource's resource id.
+        # Corresponds to the JSON property `selfLinkWithId`
+        # @return [String]
+        attr_accessor :self_link_with_id
+      
+        # URL of the source disk used to create this instant snapshot. Note that the
+        # source disk must be in the same zone/region as the instant snapshot to be
+        # created. This can be a full or valid partial URL. For example, the following
+        # are valid values:
+        # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+        # - projects/project/zones/zone/disks/disk
+        # - zones/zone/disks/disk
+        # Corresponds to the JSON property `sourceDisk`
+        # @return [String]
+        attr_accessor :source_disk
+      
+        # [Output Only] The ID value of the disk used to create this InstantSnapshot.
+        # This value may be used to determine whether the InstantSnapshot was taken from
+        # the current or a previous instance of a given disk name.
+        # Corresponds to the JSON property `sourceDiskId`
+        # @return [String]
+        attr_accessor :source_disk_id
+      
+        # [Output Only] The status of the instantSnapshot. This can be CREATING,
+        # DELETING, FAILED, or READY.
+        # Corresponds to the JSON property `status`
+        # @return [String]
+        attr_accessor :status
+      
+        # [Output Only] URL of the zone where the instant snapshot resides. You must
+        # specify this field as part of the HTTP request URL. It is not settable as a
+        # field in the request body.
+        # Corresponds to the JSON property `zone`
+        # @return [String]
+        attr_accessor :zone
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
+          @description = args[:description] if args.key?(:description)
+          @disk_size_gb = args[:disk_size_gb] if args.key?(:disk_size_gb)
+          @guest_flush = args[:guest_flush] if args.key?(:guest_flush)
+          @id = args[:id] if args.key?(:id)
+          @kind = args[:kind] if args.key?(:kind)
+          @label_fingerprint = args[:label_fingerprint] if args.key?(:label_fingerprint)
+          @labels = args[:labels] if args.key?(:labels)
+          @name = args[:name] if args.key?(:name)
+          @region = args[:region] if args.key?(:region)
+          @self_link = args[:self_link] if args.key?(:self_link)
+          @self_link_with_id = args[:self_link_with_id] if args.key?(:self_link_with_id)
+          @source_disk = args[:source_disk] if args.key?(:source_disk)
+          @source_disk_id = args[:source_disk_id] if args.key?(:source_disk_id)
+          @status = args[:status] if args.key?(:status)
+          @zone = args[:zone] if args.key?(:zone)
+        end
+      end
+      
+      # Contains a list of InstantSnapshot resources.
+      class InstantSnapshotList
+        include Google::Apis::Core::Hashable
+      
+        # [Output Only] Unique identifier for the resource; defined by the server.
+        # Corresponds to the JSON property `id`
+        # @return [String]
+        attr_accessor :id
+      
+        # A list of InstantSnapshot resources.
+        # Corresponds to the JSON property `items`
+        # @return [Array<Google::Apis::ComputeAlpha::InstantSnapshot>]
+        attr_accessor :items
+      
+        # Type of resource.
+        # Corresponds to the JSON property `kind`
+        # @return [String]
+        attr_accessor :kind
+      
+        # [Output Only] This token allows you to get the next page of results for list
+        # requests. If the number of results is larger than maxResults, use the
+        # nextPageToken as a value for the query parameter pageToken in the next list
+        # request. Subsequent list requests will have their own nextPageToken to
+        # continue paging through the results.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # [Output Only] Server-defined URL for this resource.
+        # Corresponds to the JSON property `selfLink`
+        # @return [String]
+        attr_accessor :self_link
+      
+        # [Output Only] Informational warning message.
+        # Corresponds to the JSON property `warning`
+        # @return [Google::Apis::ComputeAlpha::InstantSnapshotList::Warning]
+        attr_accessor :warning
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @id = args[:id] if args.key?(:id)
+          @items = args[:items] if args.key?(:items)
+          @kind = args[:kind] if args.key?(:kind)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @self_link = args[:self_link] if args.key?(:self_link)
+          @warning = args[:warning] if args.key?(:warning)
+        end
+        
+        # [Output Only] Informational warning message.
+        class Warning
+          include Google::Apis::Core::Hashable
+        
+          # [Output Only] A warning code, if applicable. For example, Compute Engine
+          # returns NO_RESULTS_ON_PAGE if there are no results in the response.
+          # Corresponds to the JSON property `code`
+          # @return [String]
+          attr_accessor :code
+        
+          # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ ` "key": "scope", "value": "zones/us-east1-d" `
+          # Corresponds to the JSON property `data`
+          # @return [Array<Google::Apis::ComputeAlpha::InstantSnapshotList::Warning::Datum>]
+          attr_accessor :data
+        
+          # [Output Only] A human-readable description of the warning code.
+          # Corresponds to the JSON property `message`
+          # @return [String]
+          attr_accessor :message
+        
+          def initialize(**args)
+             update!(**args)
+          end
+        
+          # Update properties of this object
+          def update!(**args)
+            @code = args[:code] if args.key?(:code)
+            @data = args[:data] if args.key?(:data)
+            @message = args[:message] if args.key?(:message)
+          end
+          
+          # 
+          class Datum
+            include Google::Apis::Core::Hashable
+          
+            # [Output Only] A key that provides more detail on the warning being returned.
+            # For example, for warnings where there are no results in a list request for a
+            # particular zone, this key might be scope and the key value might be the zone
+            # name. Other examples might be a key indicating a deprecated resource and a
+            # suggested replacement, or a warning about invalid network settings (for
+            # example, if an instance attempts to perform IP forwarding but is not enabled
+            # for IP forwarding).
+            # Corresponds to the JSON property `key`
+            # @return [String]
+            attr_accessor :key
+          
+            # [Output Only] A warning data value corresponding to the key.
+            # Corresponds to the JSON property `value`
+            # @return [String]
+            attr_accessor :value
+          
+            def initialize(**args)
+               update!(**args)
+            end
+          
+            # Update properties of this object
+            def update!(**args)
+              @key = args[:key] if args.key?(:key)
+              @value = args[:value] if args.key?(:value)
+            end
+          end
+        end
+      end
+      
       # HttpRouteRuleMatch criteria for field values that must stay within the
       # specified integer range.
       class Int64RangeMatch
@@ -16444,6 +17211,11 @@ module Google
         # @return [String]
         attr_accessor :edge_availability_domain
       
+        # Indicates the user-supplied encryption option of this interconnect attachment.
+        # Corresponds to the JSON property `encryption`
+        # @return [String]
+        attr_accessor :encryption
+      
         # [Output Only] Google reference ID, to be used when raising support tickets
         # with Google or otherwise to debug backend connectivity issues. [Deprecated]
         # This field is not used.
@@ -16463,6 +17235,22 @@ module Google
         # @return [String]
         attr_accessor :interconnect
       
+        # URL of addresses that have been reserved for the interconnect attachment, Used
+        # only for interconnect attachment that has the encryption option as IPSEC. The
+        # addresses must be RFC 1918 IP address ranges. When creating HA VPN gateway
+        # over the interconnect attachment, if the attachment is configured to use an
+        # RFC 1918 IP address, then the VPN gateway?s IP address will be allocated from
+        # the IP address range specified here. For example, if the HA VPN gateway?s
+        # interface 0 is paired to this interconnect attachment, then an RFC 1918 IP
+        # address for the VPN gateway interface 0 will be allocated from the IP address
+        # specified for this interconnect attachment. If this field is not specified for
+        # interconnect attachment that has encryption option as IPSEC, later on when
+        # creating HA VPN gateway on this interconnect attachment, the HA VPN gateway's
+        # IP address will be allocated from regional external IP address pool.
+        # Corresponds to the JSON property `ipsecInternalAddresses`
+        # @return [Array<String>]
+        attr_accessor :ipsec_internal_addresses
+      
         # [Output Only] Type of the resource. Always compute#interconnectAttachment for
         # interconnect attachments.
         # Corresponds to the JSON property `kind`
@@ -16621,9 +17409,11 @@ module Google
           @customer_router_ip_address = args[:customer_router_ip_address] if args.key?(:customer_router_ip_address)
           @description = args[:description] if args.key?(:description)
           @edge_availability_domain = args[:edge_availability_domain] if args.key?(:edge_availability_domain)
+          @encryption = args[:encryption] if args.key?(:encryption)
           @google_reference_id = args[:google_reference_id] if args.key?(:google_reference_id)
           @id = args[:id] if args.key?(:id)
           @interconnect = args[:interconnect] if args.key?(:interconnect)
+          @ipsec_internal_addresses = args[:ipsec_internal_addresses] if args.key?(:ipsec_internal_addresses)
           @kind = args[:kind] if args.key?(:kind)
           @label_fingerprint = args[:label_fingerprint] if args.key?(:label_fingerprint)
           @labels = args[:labels] if args.key?(:labels)
@@ -18720,7 +19510,7 @@ module Google
         # @return [String]
         attr_accessor :description
       
-        # [Input Only] Specifies to create an application consistent machine image by
+        # [Input Only] Whether to attempt an application consistent machine image by
         # informing the OS to prepare for the snapshot process. Currently only supported
         # on Windows instances using the Volume Shadow Copy Service (VSS).
         # Corresponds to the JSON property `guestFlush`
@@ -18740,7 +19530,16 @@ module Google
         # @return [String]
         attr_accessor :kind
       
-        # Represents a customer-supplied encryption key
+        # Encrypts the machine image using a customer-supplied encryption key.
+        # After you encrypt a machine image using a customer-supplied key, you must
+        # provide the same key if you use the machine image later. For example, you must
+        # provide the encryption key when you create an instance from the encrypted
+        # machine image in a future request.
+        # Customer-supplied encryption keys do not protect access to metadata of the
+        # machine image.
+        # If you do not provide an encryption key when creating the machine image, then
+        # the machine image will be encrypted using an automatically generated key and
+        # you do not need to provide a key to use the machine image later.
         # Corresponds to the JSON property `machineImageEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :machine_image_encryption_key
@@ -20057,10 +20856,11 @@ module Google
       # Represents a collection of network endpoints.
       # A network endpoint group (NEG) defines how a set of endpoints should be
       # reached, whether they are reachable, and where they are located. For more
-      # information about using NEGs, see  Setting up internet NEGs or  Setting up
-      # zonal NEGs. (== resource_for `$api_version`.networkEndpointGroups ==) (==
-      # resource_for `$api_version`.globalNetworkEndpointGroups ==) (== resource_for `$
-      # api_version`.regionNetworkEndpointGroups ==)
+      # information about using NEGs, see  Setting up internet NEGs,  Setting up zonal
+      # NEGs, or  Setting up serverless NEGs. (== resource_for `$api_version`.
+      # networkEndpointGroups ==) (== resource_for `$api_version`.
+      # globalNetworkEndpointGroups ==) (== resource_for `$api_version`.
+      # regionNetworkEndpointGroups ==)
       class NetworkEndpointGroup
         include Google::Apis::Core::Hashable
       
@@ -20146,7 +20946,9 @@ module Google
         # @return [String]
         attr_accessor :network
       
-        # Type of network endpoints in this network endpoint group.
+        # Type of network endpoints in this network endpoint group. Can be one of
+        # GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT,
+        # or SERVERLESS.
         # Corresponds to the JSON property `networkEndpointType`
         # @return [String]
         attr_accessor :network_endpoint_type
@@ -21010,6 +21812,15 @@ module Google
         # @return [String]
         attr_accessor :network_ip
       
+        # The networking queue count for the network interface. Both Rx and Tx queues
+        # will be set to this number. If it's not specified by the user, a default
+        # number of queues will be assigned. For Virtio-net, each interface will get (
+        # min(#vCPU, 32) / #vNIC) queues. For gVNIC, each interface will get (min(#vCPU /
+        # 2, 16) / #vNIC) qeueus.
+        # Corresponds to the JSON property `queueCount`
+        # @return [Fixnum]
+        attr_accessor :queue_count
+      
         # The URL of the Subnetwork resource for this instance. If the network resource
         # is in legacy mode, do not specify this field. If the network is in auto subnet
         # mode, specifying the subnetwork is optional. If the network is in custom
@@ -21037,6 +21848,7 @@ module Google
           @name = args[:name] if args.key?(:name)
           @network = args[:network] if args.key?(:network)
           @network_ip = args[:network_ip] if args.key?(:network_ip)
+          @queue_count = args[:queue_count] if args.key?(:queue_count)
           @subnetwork = args[:subnetwork] if args.key?(:subnetwork)
         end
       end
@@ -21505,7 +22317,9 @@ module Google
         attr_accessor :location_hint
       
         # Specifies how to handle instances when a node in the group undergoes
-        # maintenance.
+        # maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or
+        # MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information,
+        # see  Maintenance policies.
         # Corresponds to the JSON property `maintenancePolicy`
         # @return [String]
         attr_accessor :maintenance_policy
@@ -21711,7 +22525,8 @@ module Google
       class NodeGroupAutoscalingPolicy
         include Google::Apis::Core::Hashable
       
-        # The maximum number of nodes that the group should have.
+        # The maximum number of nodes that the group should have. Must be set if
+        # autoscaling is enabled. Maximum value allowed is 100.
         # Corresponds to the JSON property `maxNodes`
         # @return [Fixnum]
         attr_accessor :max_nodes
@@ -21721,7 +22536,8 @@ module Google
         # @return [Fixnum]
         attr_accessor :min_nodes
       
-        # The autoscaling mode.
+        # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more
+        # information, see  Autoscaler modes.
         # Corresponds to the JSON property `mode`
         # @return [String]
         attr_accessor :mode
@@ -21919,6 +22735,12 @@ module Google
         # @return [String]
         attr_accessor :node_type
       
+        # [Output Only] Reserved for future use.
+        # Corresponds to the JSON property `satisfiesPzs`
+        # @return [Boolean]
+        attr_accessor :satisfies_pzs
+        alias_method :satisfies_pzs?, :satisfies_pzs
+      
         # Binding properties for the physical server.
         # Corresponds to the JSON property `serverBinding`
         # @return [Google::Apis::ComputeAlpha::ServerBinding]
@@ -21946,6 +22768,7 @@ module Google
           @instances = args[:instances] if args.key?(:instances)
           @name = args[:name] if args.key?(:name)
           @node_type = args[:node_type] if args.key?(:node_type)
+          @satisfies_pzs = args[:satisfies_pzs] if args.key?(:satisfies_pzs)
           @server_binding = args[:server_binding] if args.key?(:server_binding)
           @server_id = args[:server_id] if args.key?(:server_id)
           @status = args[:status] if args.key?(:status)
@@ -25549,7 +26372,8 @@ module Google
         attr_accessor :usage_export_location
       
         # [Output Only] The role this project has in a shared VPC configuration.
-        # Currently only HOST projects are differentiated.
+        # Currently, only projects with the host role, which is specified by the value
+        # HOST, are differentiated.
         # Corresponds to the JSON property `xpnProjectStatus`
         # @return [String]
         attr_accessor :xpn_project_status
@@ -25942,20 +26766,30 @@ module Google
       class PublicAdvertisedPrefixPublicDelegatedPrefix
         include Google::Apis::Core::Hashable
       
+        # The IP address range of the public delegated prefix
+        # Corresponds to the JSON property `ipRange`
+        # @return [String]
+        attr_accessor :ip_range
+      
         # The name of the public delegated prefix
         # Corresponds to the JSON property `name`
         # @return [String]
         attr_accessor :name
       
+        # The project number of the public delegated prefix
+        # Corresponds to the JSON property `project`
+        # @return [String]
+        attr_accessor :project
+      
         # The region of the public delegated prefix if it is regional. If absent, the
         # prefix is global.
         # Corresponds to the JSON property `region`
         # @return [String]
         attr_accessor :region
       
-        # The status of the public delegated prefix. Possible values are: ACTIVE: The
-        # public delegated prefix is active DRAINED: The public delegated prefix is
-        # drained.
+        # The status of the public delegated prefix. Possible values are: INITIALIZING:
+        # The public delegated prefix is being initialized and addresses cannot be
+        # created yet. ANNOUNCED: The public delegated prefix is active.
         # Corresponds to the JSON property `status`
         # @return [String]
         attr_accessor :status
@@ -25966,7 +26800,9 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @ip_range = args[:ip_range] if args.key?(:ip_range)
           @name = args[:name] if args.key?(:name)
+          @project = args[:project] if args.key?(:project)
           @region = args[:region] if args.key?(:region)
           @status = args[:status] if args.key?(:status)
         end
@@ -26648,6 +27484,12 @@ module Google
         # @return [String]
         attr_accessor :status
       
+        # [Output Only] Reserved for future use.
+        # Corresponds to the JSON property `supportsPzs`
+        # @return [Boolean]
+        attr_accessor :supports_pzs
+        alias_method :supports_pzs?, :supports_pzs
+      
         # [Output Only] A list of zones available in this region, in the form of
         # resource URLs.
         # Corresponds to the JSON property `zones`
@@ -26670,6 +27512,7 @@ module Google
           @self_link = args[:self_link] if args.key?(:self_link)
           @self_link_with_id = args[:self_link_with_id] if args.key?(:self_link_with_id)
           @status = args[:status] if args.key?(:status)
+          @supports_pzs = args[:supports_pzs] if args.key?(:supports_pzs)
           @zones = args[:zones] if args.key?(:zones)
         end
       end
@@ -27301,7 +28144,7 @@ module Google
         end
       end
       
-      # InstanceGroupManagers.applyUpdatesToInstances
+      # RegionInstanceGroupManagers.applyUpdatesToInstances
       class RegionInstanceGroupManagersApplyUpdatesRequest
         include Google::Apis::Core::Hashable
       
@@ -28066,6 +28909,10 @@ module Google
         # Traffic Director.
         # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. *
         # regionUrlMaps are used by internal HTTP(S) load balancers.
+        # For a list of supported URL map features by load balancer type, see the  Load
+        # balancing features: Routing and traffic management table.
+        # For a list of supported URL map features for Traffic Director, see the
+        # Traffic Director features: Routing and traffic management table.
         # This resource defines mappings from host names and URL paths to either a
         # backend service or a backend bucket.
         # To use the global urlMaps resource, the backend service must have a
@@ -29107,12 +29954,19 @@ module Google
       class ResourcePolicyInstanceSchedulePolicy
         include Google::Apis::Core::Hashable
       
-        # Schedule for the instance operation.
+        # Specifies the time zone to be used in interpreting Schedule.schedule. The
+        # value of this field must be a time zone name from the tz database: http://en.
+        # wikipedia.org/wiki/Tz_database.
+        # Corresponds to the JSON property `timeZone`
+        # @return [String]
+        attr_accessor :time_zone
+      
+        # Schedule for an instance operation.
         # Corresponds to the JSON property `vmStartSchedule`
         # @return [Google::Apis::ComputeAlpha::ResourcePolicyInstanceSchedulePolicySchedule]
         attr_accessor :vm_start_schedule
       
-        # Schedule for the instance operation.
+        # Schedule for an instance operation.
         # Corresponds to the JSON property `vmStopSchedule`
         # @return [Google::Apis::ComputeAlpha::ResourcePolicyInstanceSchedulePolicySchedule]
         attr_accessor :vm_stop_schedule
@@ -29123,12 +29977,13 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @time_zone = args[:time_zone] if args.key?(:time_zone)
           @vm_start_schedule = args[:vm_start_schedule] if args.key?(:vm_start_schedule)
           @vm_stop_schedule = args[:vm_stop_schedule] if args.key?(:vm_stop_schedule)
         end
       end
       
-      # Schedule for the instance operation.
+      # Schedule for an instance operation.
       class ResourcePolicyInstanceSchedulePolicySchedule
         include Google::Apis::Core::Hashable
       
@@ -29137,13 +29992,6 @@ module Google
         # @return [String]
         attr_accessor :schedule
       
-        # Specifies the time zone to be used in interpreting Schedule.schedule. The
-        # value of this field must be a time zone name from the tz database: http://en.
-        # wikipedia.org/wiki/Tz_database.
-        # Corresponds to the JSON property `timeZone`
-        # @return [String]
-        attr_accessor :time_zone
-      
         def initialize(**args)
            update!(**args)
         end
@@ -29151,7 +29999,6 @@ module Google
         # Update properties of this object
         def update!(**args)
           @schedule = args[:schedule] if args.key?(:schedule)
-          @time_zone = args[:time_zone] if args.key?(:time_zone)
         end
       end
       
@@ -29322,8 +30169,8 @@ module Google
         # @return [Fixnum]
         attr_accessor :max_retention_days
       
-        # Specifies the behavior to apply to existing, scheduled snapshots snapshots if
-        # the policy is changed.
+        # TODO(b/165626794): Remove this field Specifies the behavior to apply to
+        # existing, scheduled snapshots snapshots if the policy is changed.
         # Corresponds to the JSON property `onPolicySwitch`
         # @return [String]
         attr_accessor :on_policy_switch
@@ -30298,6 +31145,14 @@ module Google
         # @return [String]
         attr_accessor :peer_ip_address
       
+        # URI of the VM instance that is used as third party router appliances such as
+        # Next Gen Firewalls, Virtual Routers, SD-WAN. The VM instance must live in
+        # zones contained in the same region as this Cloud Router. The VM instance is
+        # the peer side of the BGP session.
+        # Corresponds to the JSON property `routerApplianceInstance`
+        # @return [String]
+        attr_accessor :router_appliance_instance
+      
         def initialize(**args)
            update!(**args)
         end
@@ -30316,6 +31171,7 @@ module Google
           @name = args[:name] if args.key?(:name)
           @peer_asn = args[:peer_asn] if args.key?(:peer_asn)
           @peer_ip_address = args[:peer_ip_address] if args.key?(:peer_ip_address)
+          @router_appliance_instance = args[:router_appliance_instance] if args.key?(:router_appliance_instance)
         end
       end
       
@@ -30457,6 +31313,35 @@ module Google
         # @return [String]
         attr_accessor :name
       
+        # The regional private internal IP address that will be used to establish BGP
+        # session to a VM instance, which is used as third party router appliances such
+        # as Next Gen Firewalls, Virtual Routers, SD-WAN.
+        # Corresponds to the JSON property `privateIpAddress`
+        # @return [String]
+        attr_accessor :private_ip_address
+      
+        # Name of the interface that will be redundant with the current interface you
+        # are creating. The redundantInterface must belong to the same Cloud Router as
+        # the interface here. To establish the BGP session to SD-WAN VM, you must create
+        # two BGP peers, and the two BGP peers need to be attached to two separate
+        # interfaces that are redundant with each other. The redundant_interface must be
+        # 1-63 characters long, and comply with RFC1035. Specifically, the
+        # redundant_interface must be 1-63 characters long and match the regular
+        # expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must
+        # be a lowercase letter, and all following characters must be a dash, lowercase
+        # letter, or digit, except the last character, which cannot be a dash.
+        # Corresponds to the JSON property `redundantInterface`
+        # @return [String]
+        attr_accessor :redundant_interface
+      
+        # The URL of the subnetwork resource this interface belongs to, it must be in
+        # the same region as the router. When you establish a BGP session to a VM
+        # instance using this interface, the VM instance must belong to the same
+        # subnetwork as the subnetwork specified here.
+        # Corresponds to the JSON property `subnetwork`
+        # @return [String]
+        attr_accessor :subnetwork
+      
         def initialize(**args)
            update!(**args)
         end
@@ -30468,6 +31353,9 @@ module Google
           @linked_vpn_tunnel = args[:linked_vpn_tunnel] if args.key?(:linked_vpn_tunnel)
           @management_type = args[:management_type] if args.key?(:management_type)
           @name = args[:name] if args.key?(:name)
+          @private_ip_address = args[:private_ip_address] if args.key?(:private_ip_address)
+          @redundant_interface = args[:redundant_interface] if args.key?(:redundant_interface)
+          @subnetwork = args[:subnetwork] if args.key?(:subnetwork)
         end
       end
       
@@ -30778,12 +31666,12 @@ module Google
         # @return [String]
         attr_accessor :match
       
-        # An integer indicating the priority of a rule in the list. The priority must be
-        # a positive value between 0 and 65000. The priority must be unique among rules
-        # within a NAT.
-        # Corresponds to the JSON property `priority`
+        # An integer uniquely identifying a rule in the list. The rule number must be a
+        # positive value between 0 and 65000, and must be unique among rules within a
+        # NAT.
+        # Corresponds to the JSON property `ruleNumber`
         # @return [Fixnum]
-        attr_accessor :priority
+        attr_accessor :rule_number
       
         def initialize(**args)
            update!(**args)
@@ -30794,7 +31682,7 @@ module Google
           @action = args[:action] if args.key?(:action)
           @description = args[:description] if args.key?(:description)
           @match = args[:match] if args.key?(:match)
-          @priority = args[:priority] if args.key?(:priority)
+          @rule_number = args[:rule_number] if args.key?(:rule_number)
         end
       end
       
@@ -31084,10 +31972,10 @@ module Google
         # @return [Fixnum]
         attr_accessor :num_vm_endpoints_with_nat_mappings
       
-        # Priority of the rule.
-        # Corresponds to the JSON property `priority`
+        # Rule number of the rule.
+        # Corresponds to the JSON property `ruleNumber`
         # @return [Fixnum]
-        attr_accessor :priority
+        attr_accessor :rule_number
       
         def initialize(**args)
            update!(**args)
@@ -31099,7 +31987,7 @@ module Google
           @drain_nat_ips = args[:drain_nat_ips] if args.key?(:drain_nat_ips)
           @min_extra_ips_needed = args[:min_extra_ips_needed] if args.key?(:min_extra_ips_needed)
           @num_vm_endpoints_with_nat_mappings = args[:num_vm_endpoints_with_nat_mappings] if args.key?(:num_vm_endpoints_with_nat_mappings)
-          @priority = args[:priority] if args.key?(:priority)
+          @rule_number = args[:rule_number] if args.key?(:rule_number)
         end
       end
       
@@ -31388,7 +32276,7 @@ module Google
         # @return [String]
         attr_accessor :device_name
       
-        # Represents a customer-supplied encryption key
+        # The encryption key for the disk.
         # Corresponds to the JSON property `diskEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :disk_encryption_key
@@ -31524,7 +32412,7 @@ module Google
         end
       end
       
-      # Sets the scheduling options for an Instance. NextID: 12
+      # Sets the scheduling options for an Instance. NextID: 13
       class Scheduling
         include Google::Apis::Core::Hashable
       
@@ -31553,18 +32441,6 @@ module Google
         # @return [String]
         attr_accessor :location_hint
       
-        # DEPRECATED, please use maintenance_freeze_duration_hours. TODO(b/154158138):
-        # Remove this field. Compute Engine Long Term Release. When specified, VMs that
-        # have this policy become long term release (internal: stable fleet) VMs.
-        # For all VM shapes, this should result in fewer disruptions due to software
-        # updates and greater predictability via 1 week extended notifications.
-        # For GPU VMs, this should also result in an 2 week uptime guarantee. See go/
-        # stable-fleet-gpus-design for more details.
-        # Corresponds to the JSON property `longTermRelease`
-        # @return [Boolean]
-        attr_accessor :long_term_release
-        alias_method :long_term_release?, :long_term_release
-      
         # Specifies the number of hours after instance creation where the instance won't
         # be scheduled for maintenance.
         # Corresponds to the JSON property `maintenanceFreezeDurationHours`
@@ -31609,7 +32485,6 @@ module Google
           @automatic_restart = args[:automatic_restart] if args.key?(:automatic_restart)
           @latency_tolerant = args[:latency_tolerant] if args.key?(:latency_tolerant)
           @location_hint = args[:location_hint] if args.key?(:location_hint)
-          @long_term_release = args[:long_term_release] if args.key?(:long_term_release)
           @maintenance_freeze_duration_hours = args[:maintenance_freeze_duration_hours] if args.key?(:maintenance_freeze_duration_hours)
           @min_node_cpus = args[:min_node_cpus] if args.key?(:min_node_cpus)
           @node_affinities = args[:node_affinities] if args.key?(:node_affinities)
@@ -32262,7 +33137,7 @@ module Google
         # @return [Array<Google::Apis::ComputeAlpha::SecurityPolicyRuleMatcherConfigLayer4Config>]
         attr_accessor :layer4_configs
       
-        # CIDR IP address range.
+        # CIDR IP address range. Maximum number of src_ip_ranges allowed is 10.
         # Corresponds to the JSON property `srcIpRanges`
         # @return [Array<String>]
         attr_accessor :src_ip_ranges
@@ -32348,10 +33223,26 @@ module Google
       class SecurityPolicyRuleRateLimitOptions
         include Google::Apis::Core::Hashable
       
-        # Can only be specifed if the action for the rule is "rate_based_blacklist" If
+        # Can only be specified if the action for the rule is "rate_based_ban". If
+        # specified, the key will be banned for the configured 'ban_duration' when the
+        # number of requests that exceed the 'rate_limit_threshold' also exceed this '
+        # ban_threshold'.
+        # Corresponds to the JSON property `banDurationSec`
+        # @return [Fixnum]
+        attr_accessor :ban_duration_sec
+      
+        # Can only be specified if the action for the rule is "rate_based_ban". If
+        # specified, the key will be banned for the configured 'ban_duration' when the
+        # number of requests that exceed the 'rate_limit_threshold' also exceed this '
+        # ban_threshold'.
+        # Corresponds to the JSON property `banThreshold`
+        # @return [Google::Apis::ComputeAlpha::SecurityPolicyRuleRateLimitOptionsThreshold]
+        attr_accessor :ban_threshold
+      
+        # Can only be specified if the action for the rule is "rate_based_ban" If
         # specified, determines the time (in seconds) the traffic will continue to be
         # blocked by the rate limit after the rate falls below the threshold. The
-        # default value is 0 seconds.
+        # default value is 0 seconds. [Deprecated] This field is deprecated.
         # Corresponds to the JSON property `blockDuration`
         # @return [Fixnum]
         attr_accessor :block_duration
@@ -32376,7 +33267,13 @@ module Google
         # @return [String]
         attr_accessor :exceed_action
       
-        # Rate in requests per second at which to begin ratelimiting.
+        # Threshold at which to begin ratelimiting.
+        # Corresponds to the JSON property `rateLimitThreshold`
+        # @return [Google::Apis::ComputeAlpha::SecurityPolicyRuleRateLimitOptionsThreshold]
+        attr_accessor :rate_limit_threshold
+      
+        # Rate in requests per second at which to begin ratelimiting. [Deprecated] This
+        # field is deprecated.
         # Corresponds to the JSON property `thresholdRps`
         # @return [Fixnum]
         attr_accessor :threshold_rps
@@ -32387,14 +33284,42 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @ban_duration_sec = args[:ban_duration_sec] if args.key?(:ban_duration_sec)
+          @ban_threshold = args[:ban_threshold] if args.key?(:ban_threshold)
           @block_duration = args[:block_duration] if args.key?(:block_duration)
           @conform_action = args[:conform_action] if args.key?(:conform_action)
           @enforce_on_key = args[:enforce_on_key] if args.key?(:enforce_on_key)
           @exceed_action = args[:exceed_action] if args.key?(:exceed_action)
+          @rate_limit_threshold = args[:rate_limit_threshold] if args.key?(:rate_limit_threshold)
           @threshold_rps = args[:threshold_rps] if args.key?(:threshold_rps)
         end
       end
       
+      # 
+      class SecurityPolicyRuleRateLimitOptionsThreshold
+        include Google::Apis::Core::Hashable
+      
+        # Number of HTTP(S) requests for calculating the threshold.
+        # Corresponds to the JSON property `count`
+        # @return [Fixnum]
+        attr_accessor :count
+      
+        # Interval over which the threshold is computed.
+        # Corresponds to the JSON property `intervalSec`
+        # @return [Fixnum]
+        attr_accessor :interval_sec
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @count = args[:count] if args.key?(:count)
+          @interval_sec = args[:interval_sec] if args.key?(:interval_sec)
+        end
+      end
+      
       # The authentication and authorization settings for a BackendService.
       class SecuritySettings
         include Google::Apis::Core::Hashable
@@ -32421,6 +33346,7 @@ module Google
         # clientTlsPolicy only applies to a global BackendService with the
         # loadBalancingScheme set to INTERNAL_SELF_MANAGED.
         # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
         # Corresponds to the JSON property `clientTlsPolicy`
         # @return [String]
         attr_accessor :client_tls_policy
@@ -32443,6 +33369,7 @@ module Google
         # Only applies to a global BackendService with loadBalancingScheme set to
         # INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached
         # clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
         # Corresponds to the JSON property `subjectAltNames`
         # @return [Array<String>]
         attr_accessor :subject_alt_names
@@ -32647,12 +33574,11 @@ module Google
         # @return [String]
         attr_accessor :name
       
-        # An array of IP CIDR ranges where each range is the url of the address resource
-        # which represents the range provided by the service producer to use for NAT in
-        # this service attachment.
-        # Corresponds to the JSON property `natIpCidrRanges`
+        # An array of URLs where each entry is the URL of a subnet provided by the
+        # service producer to use for NAT in this service attachment.
+        # Corresponds to the JSON property `natSubnets`
         # @return [Array<String>]
-        attr_accessor :nat_ip_cidr_ranges
+        attr_accessor :nat_subnets
       
         # The URL of a forwarding rule with loadBalancingScheme INTERNAL* that is
         # serving the endpoint identified by this service attachment.
@@ -32685,7 +33611,7 @@ module Google
           @id = args[:id] if args.key?(:id)
           @kind = args[:kind] if args.key?(:kind)
           @name = args[:name] if args.key?(:name)
-          @nat_ip_cidr_ranges = args[:nat_ip_cidr_ranges] if args.key?(:nat_ip_cidr_ranges)
+          @nat_subnets = args[:nat_subnets] if args.key?(:nat_subnets)
           @producer_forwarding_rule = args[:producer_forwarding_rule] if args.key?(:producer_forwarding_rule)
           @region = args[:region] if args.key?(:region)
           @self_link = args[:self_link] if args.key?(:self_link)
@@ -33107,7 +34033,12 @@ module Google
         attr_accessor :auto_created
         alias_method :auto_created?, :auto_created
       
-        # Chain name should conform to RFC1035.
+        # Creates the new snapshot in the snapshot chain labeled with the specified name.
+        # The chain name must be 1-63 characters long and comply with RFC1035. This is
+        # an uncommon option only for advanced service owners who needs to create
+        # separate snapshot chains, for example, for chargeback tracking. When you
+        # describe your snapshot resource, this field is visible only if it has a non-
+        # empty value.
         # Corresponds to the JSON property `chainName`
         # @return [String]
         attr_accessor :chain_name
@@ -33133,6 +34064,14 @@ module Google
         # @return [Fixnum]
         attr_accessor :download_bytes
       
+        # [Input Only] Whether to attempt an application consistent snapshot by
+        # informing the OS to prepare for the snapshot process. Currently only supported
+        # on Windows instances using the Volume Shadow Copy Service (VSS).
+        # Corresponds to the JSON property `guestFlush`
+        # @return [Boolean]
+        attr_accessor :guest_flush
+        alias_method :guest_flush?, :guest_flush
+      
         # [Output Only] A list of features to enable on the guest operating system.
         # Applicable only for bootable images. Read  Enabling guest operating system
         # features to see a list of available options.
@@ -33193,6 +34132,12 @@ module Google
         # @return [String]
         attr_accessor :name
       
+        # [Output Only] Reserved for future use.
+        # Corresponds to the JSON property `satisfiesPzs`
+        # @return [Boolean]
+        attr_accessor :satisfies_pzs
+        alias_method :satisfies_pzs?, :satisfies_pzs
+      
         # [Output Only] Server-defined URL for the resource.
         # Corresponds to the JSON property `selfLink`
         # @return [String]
@@ -33203,17 +34148,27 @@ module Google
         # @return [String]
         attr_accessor :self_link_with_id
       
-        # Represents a customer-supplied encryption key
+        # Encrypts the snapshot using a customer-supplied encryption key.
+        # After you encrypt a snapshot using a customer-supplied key, you must provide
+        # the same key if you use the snapshot later. For example, you must provide the
+        # encryption key when you create a disk from the encrypted snapshot in a future
+        # request.
+        # Customer-supplied encryption keys do not protect access to metadata of the
+        # snapshot.
+        # If you do not provide an encryption key when creating the snapshot, then the
+        # snapshot will be encrypted using an automatically generated key and you do not
+        # need to provide a key to use the snapshot later.
         # Corresponds to the JSON property `snapshotEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :snapshot_encryption_key
       
-        # [Output Only] The source disk used to create this snapshot.
+        # The source disk used to create this snapshot.
         # Corresponds to the JSON property `sourceDisk`
         # @return [String]
         attr_accessor :source_disk
       
-        # Represents a customer-supplied encryption key
+        # The customer-supplied encryption key of the source disk. Required if the
+        # source disk is protected by a customer-supplied encryption key.
         # Corresponds to the JSON property `sourceDiskEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :source_disk_encryption_key
@@ -33263,6 +34218,7 @@ module Google
           @description = args[:description] if args.key?(:description)
           @disk_size_gb = args[:disk_size_gb] if args.key?(:disk_size_gb)
           @download_bytes = args[:download_bytes] if args.key?(:download_bytes)
+          @guest_flush = args[:guest_flush] if args.key?(:guest_flush)
           @guest_os_features = args[:guest_os_features] if args.key?(:guest_os_features)
           @id = args[:id] if args.key?(:id)
           @kind = args[:kind] if args.key?(:kind)
@@ -33271,6 +34227,7 @@ module Google
           @license_codes = args[:license_codes] if args.key?(:license_codes)
           @licenses = args[:licenses] if args.key?(:licenses)
           @name = args[:name] if args.key?(:name)
+          @satisfies_pzs = args[:satisfies_pzs] if args.key?(:satisfies_pzs)
           @self_link = args[:self_link] if args.key?(:self_link)
           @self_link_with_id = args[:self_link_with_id] if args.key?(:self_link_with_id)
           @snapshot_encryption_key = args[:snapshot_encryption_key] if args.key?(:snapshot_encryption_key)
@@ -33405,7 +34362,8 @@ module Google
       class SourceDiskEncryptionKey
         include Google::Apis::Core::Hashable
       
-        # Represents a customer-supplied encryption key
+        # The customer-supplied encryption key of the source disk. Required if the
+        # source disk is protected by a customer-supplied encryption key.
         # Corresponds to the JSON property `diskEncryptionKey`
         # @return [Google::Apis::ComputeAlpha::CustomerEncryptionKey]
         attr_accessor :disk_encryption_key
@@ -33522,7 +34480,7 @@ module Google
         # @return [Array<Google::Apis::ComputeAlpha::NetworkInterface>]
         attr_accessor :network_interfaces
       
-        # Sets the scheduling options for an Instance. NextID: 12
+        # Sets the scheduling options for an Instance. NextID: 13
         # Corresponds to the JSON property `scheduling`
         # @return [Google::Apis::ComputeAlpha::Scheduling]
         attr_accessor :scheduling
@@ -33580,9 +34538,9 @@ module Google
       class SslCertificate
         include Google::Apis::Core::Hashable
       
-        # A local certificate file. The certificate must be in PEM format. The
-        # certificate chain must be no greater than 5 certs long. The chain must include
-        # at least one intermediate cert.
+        # A value read into memory from a certificate file. The certificate file must be
+        # in PEM format. The certificate chain must be no greater than 5 certs long. The
+        # chain must include at least one intermediate cert.
         # Corresponds to the JSON property `certificate`
         # @return [String]
         attr_accessor :certificate
@@ -33630,7 +34588,8 @@ module Google
         # @return [String]
         attr_accessor :name
       
-        # A write-only private key in PEM format. Only insert requests will include this
+        # A value read into memory from a write-only private key file. The private key
+        # file must be in PEM format. For security, only insert requests include this
         # field.
         # Corresponds to the JSON property `privateKey`
         # @return [String]
@@ -35221,6 +36180,25 @@ module Google
         end
       end
       
+      # Subsetting options to make L4 ILB support any number of backend instances
+      class Subsetting
+        include Google::Apis::Core::Hashable
+      
+        # 
+        # Corresponds to the JSON property `policy`
+        # @return [String]
+        attr_accessor :policy
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @policy = args[:policy] if args.key?(:policy)
+        end
+      end
+      
       # 
       class TcpHealthCheck
         include Google::Apis::Core::Hashable
@@ -35322,7 +36300,7 @@ module Google
       # A target gRPC proxy is a component of load balancers intended for load
       # balancing gRPC traffic. Global forwarding rules reference a target gRPC proxy.
       # The Target gRPC Proxy references a URL map which specifies how traffic routes
-      # to gRPC backend services.
+      # to gRPC backend services. (== resource_for `$api_version`.targetGrpcProxies ==)
       class TargetGrpcProxy
         include Google::Apis::Core::Hashable
       
@@ -35389,12 +36367,11 @@ module Google
         # If true, indicates that the BackendServices referenced by the urlMap may be
         # accessed by gRPC applications without using a sidecar proxy. This will enable
         # configuration checks on urlMap and its referenced BackendServices to not allow
-        # unsupported features. A gRPC application must use "xds-experimental:///"
-        # scheme in the target URI of the service it is connecting to. If false,
-        # indicates that the BackendServices referenced by the urlMap will be accessed
-        # by gRPC applications via a sidecar proxy. In this case, a gRPC application
-        # must not use "xds-experimental:///" scheme in the target URI of the service it
-        # is connecting to
+        # unsupported features. A gRPC application must use "xds:///" scheme in the
+        # target URI of the service it is connecting to. If false, indicates that the
+        # BackendServices referenced by the urlMap will be accessed by gRPC applications
+        # via a sidecar proxy. In this case, a gRPC application must not use "xds:///"
+        # scheme in the target URI of the service it is connecting to
         # Corresponds to the JSON property `validateForProxyless`
         # @return [Boolean]
         attr_accessor :validate_for_proxyless
@@ -35653,7 +36630,18 @@ module Google
         # @return [String]
         attr_accessor :description
       
-        # Urls to networkservices.HttpFilter resources enabled for xDS clients using
+        # Fingerprint of this resource. A hash of the contents stored in this object.
+        # This field is used in optimistic locking. This field will be ignored when
+        # inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in
+        # order to patch/update the TargetHttpProxy; otherwise, the request will fail
+        # with error 412 conditionNotMet. To see the latest fingerprint, make a get()
+        # request to retrieve the TargetHttpProxy.
+        # Corresponds to the JSON property `fingerprint`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :fingerprint
+      
+        # URLs to networkservices.HttpFilter resources enabled for xDS clients using
         # this configuration. For example, https://networkservices.googleapis.com/
         # v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only
         # filters that handle outbound connection and stream events may be specified.
@@ -35728,6 +36716,7 @@ module Google
         def update!(**args)
           @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
           @description = args[:description] if args.key?(:description)
+          @fingerprint = args[:fingerprint] if args.key?(:fingerprint)
           @http_filters = args[:http_filters] if args.key?(:http_filters)
           @id = args[:id] if args.key?(:id)
           @kind = args[:kind] if args.key?(:kind)
@@ -36162,6 +37151,7 @@ module Google
         # authorizationPolicy only applies to a global TargetHttpsProxy attached to
         # globalForwardingRules with the loadBalancingScheme set to
         # INTERNAL_SELF_MANAGED.
+        # Note: This field currently has no impact.
         # Corresponds to the JSON property `authorizationPolicy`
         # @return [String]
         attr_accessor :authorization_policy
@@ -36184,6 +37174,21 @@ module Google
         # @return [String]
         attr_accessor :description
       
+        # URLs to networkservices.HttpFilter resources enabled for xDS clients using
+        # this configuration. For example, https://networkservices.googleapis.com/beta/
+        # projects/project/locations/locationhttpFilters/httpFilter Only filters that
+        # handle outbound connection and stream events may be specified. These filters
+        # work in conjunction with a default set of HTTP filters that may already be
+        # configured by Traffic Director. Traffic Director will determine the final
+        # location of these filters within xDS configuration based on the name of the
+        # HTTP filter. If Traffic Director positions multiple filters at the same
+        # location, those filters will be in the same order as specified in this list.
+        # httpFilters only applies for loadbalancers with loadBalancingScheme set to
+        # INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+        # Corresponds to the JSON property `httpFilters`
+        # @return [Array<String>]
+        attr_accessor :http_filters
+      
         # [Output Only] The unique identifier for the resource. This identifier is
         # defined by the server.
         # Corresponds to the JSON property `id`
@@ -36249,6 +37254,7 @@ module Google
         # globalForwardingRules with the loadBalancingScheme set to
         # INTERNAL_SELF_MANAGED.
         # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
         # Corresponds to the JSON property `serverTlsPolicy`
         # @return [String]
         attr_accessor :server_tls_policy
@@ -36289,6 +37295,7 @@ module Google
           @certificate_map = args[:certificate_map] if args.key?(:certificate_map)
           @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
           @description = args[:description] if args.key?(:description)
+          @http_filters = args[:http_filters] if args.key?(:http_filters)
           @id = args[:id] if args.key?(:id)
           @kind = args[:kind] if args.key?(:kind)
           @name = args[:name] if args.key?(:name)
@@ -37032,7 +38039,7 @@ module Google
       
         # The URL of the HttpHealthCheck resource. A member instance in this pool is
         # considered healthy if and only if the health checks pass. An empty list means
-        # all member instances will be considered healthy at all times. Only
+        # all member instances will be considered healthy at all times. Only legacy
         # HttpHealthChecks are supported. Only one health check may be specified.
         # Corresponds to the JSON property `healthChecks`
         # @return [Array<String>]
@@ -38555,22 +39562,23 @@ module Google
       class TestFailure
         include Google::Apis::Core::Hashable
       
-        # 
+        # BackendService or BackendBucket returned by load balancer.
         # Corresponds to the JSON property `actualService`
         # @return [String]
         attr_accessor :actual_service
       
-        # 
+        # Expected BackendService or BackendBucket resource the given URL should be
+        # mapped to.
         # Corresponds to the JSON property `expectedService`
         # @return [String]
         attr_accessor :expected_service
       
-        # 
+        # Host portion of the URL.
         # Corresponds to the JSON property `host`
         # @return [String]
         attr_accessor :host
       
-        # 
+        # Path portion including query parameters in the URL.
         # Corresponds to the JSON property `path`
         # @return [String]
         attr_accessor :path
@@ -38797,13 +39805,13 @@ module Google
         include Google::Apis::Core::Hashable
       
         # [Output Only] The date when the maintenance will take place. This value is in
-        # RFC3339 text format.
+        # RFC3339 text format. DEPRECATED: Use start_time_window instead.
         # Corresponds to the JSON property `date`
         # @return [String]
         attr_accessor :date
       
         # [Output Only] The time when the maintenance will take place. This value is in
-        # RFC3339 text format.
+        # RFC3339 text format. DEPRECATED: Use start_time_window instead.
         # Corresponds to the JSON property `time`
         # @return [String]
         attr_accessor :time
@@ -38833,6 +39841,10 @@ module Google
       # Traffic Director.
       # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. *
       # regionUrlMaps are used by internal HTTP(S) load balancers.
+      # For a list of supported URL map features by load balancer type, see the  Load
+      # balancing features: Routing and traffic management table.
+      # For a list of supported URL map features for Traffic Director, see the
+      # Traffic Director features: Routing and traffic management table.
       # This resource defines mappings from host names and URL paths to either a
       # backend service or a backend bucket.
       # To use the global urlMaps resource, the backend service must have a
@@ -38856,6 +39868,8 @@ module Google
         # Only one of defaultRouteAction or defaultUrlRedirect must be set.
         # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action
         # within defaultRouteAction.
+        # defaultRouteAction has no effect when the URL map is bound to target gRPC
+        # proxy that has validateForProxyless field set to true.
         # Corresponds to the JSON property `defaultRouteAction`
         # @return [Google::Apis::ComputeAlpha::HttpRouteAction]
         attr_accessor :default_route_action
@@ -38869,6 +39883,8 @@ module Google
         # specified.
         # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.
         # weightedBackendService must be set.
+        # defaultService has no effect when the URL map is bound to target gRPC proxy
+        # that has validateForProxyless field set to true.
         # Corresponds to the JSON property `defaultService`
         # @return [String]
         attr_accessor :default_service
@@ -38947,6 +39963,8 @@ module Google
         # The list of expected URL mapping tests. Request to update this UrlMap will
         # succeed only if all of the test cases pass. You can specify a maximum of 100
         # tests per UrlMap.
+        # Not supported when the URL map is bound to target gRPC proxy that has
+        # validateForProxyless field set to true.
         # Corresponds to the JSON property `tests`
         # @return [Array<Google::Apis::ComputeAlpha::UrlMapTest>]
         attr_accessor :tests
@@ -39127,12 +40145,13 @@ module Google
         attr_accessor :description
       
         # The expected URL that should be redirected to for the host and path being
-        # tested.
+        # tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
         # Corresponds to the JSON property `expectedUrlRedirect`
         # @return [String]
         attr_accessor :expected_url_redirect
       
-        # Host portion of the URL.
+        # Host portion of the URL. If headers contains a host header, then host must
+        # also match the header value.
         # Corresponds to the JSON property `host`
         # @return [String]
         attr_accessor :host
@@ -39142,7 +40161,9 @@ module Google
         # @return [String]
         attr_accessor :path
       
-        # Expected BackendService resource the given URL should be mapped to.
+        # Expected BackendService or BackendBucket resource the given URL should be
+        # mapped to.
+        # service cannot be set if expectedRedirectResponseCode is set.
         # Corresponds to the JSON property `service`
         # @return [String]
         attr_accessor :service
@@ -39429,6 +40450,10 @@ module Google
         # Traffic Director.
         # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. *
         # regionUrlMaps are used by internal HTTP(S) load balancers.
+        # For a list of supported URL map features by load balancer type, see the  Load
+        # balancing features: Routing and traffic management table.
+        # For a list of supported URL map features for Traffic Director, see the
+        # Traffic Director features: Routing and traffic management table.
         # This resource defines mappings from host names and URL paths to either a
         # backend service or a backend bucket.
         # To use the global urlMaps resource, the backend service must have a
@@ -39833,10 +40858,10 @@ module Google
         # @return [Fixnum]
         attr_accessor :num_total_nat_ports
       
-        # Priority of the NAT Rule.
-        # Corresponds to the JSON property `priority`
+        # Rule number of the NAT Rule.
+        # Corresponds to the JSON property `ruleNumber`
         # @return [Fixnum]
-        attr_accessor :priority
+        attr_accessor :rule_number
       
         def initialize(**args)
            update!(**args)
@@ -39848,7 +40873,7 @@ module Google
           @nat_ip_port_ranges = args[:nat_ip_port_ranges] if args.key?(:nat_ip_port_ranges)
           @num_total_drain_nat_ports = args[:num_total_drain_nat_ports] if args.key?(:num_total_drain_nat_ports)
           @num_total_nat_ports = args[:num_total_nat_ports] if args.key?(:num_total_nat_ports)
-          @priority = args[:priority] if args.key?(:priority)
+          @rule_number = args[:rule_number] if args.key?(:rule_number)
         end
       end
       
@@ -40445,6 +41470,14 @@ module Google
         # @return [Fixnum]
         attr_accessor :id
       
+        # URL of the interconnect attachment resource. When the value of this field is
+        # present, the VPN Gateway will be used for IPsec over Interconnect; all Egress
+        # or Ingress traffic for this VPN Gateway interface will go through the
+        # specified interconnect attachment resource.
+        # Corresponds to the JSON property `interconnectAttachment`
+        # @return [String]
+        attr_accessor :interconnect_attachment
+      
         # [Output Only] The external IP address for this VPN gateway interface.
         # Corresponds to the JSON property `ipAddress`
         # @return [String]
@@ -40457,6 +41490,7 @@ module Google
         # Update properties of this object
         def update!(**args)
           @id = args[:id] if args.key?(:id)
+          @interconnect_attachment = args[:interconnect_attachment] if args.key?(:interconnect_attachment)
           @ip_address = args[:ip_address] if args.key?(:ip_address)
         end
       end
@@ -40572,7 +41606,7 @@ module Google
       end
       
       # Represents a Cloud VPN Tunnel resource.
-      # For more information about VPN, read the the Cloud VPN Overview. (==
+      # For more information about VPN, read the  the Cloud VPN Overview. (==
       # resource_for `$api_version`.vpnTunnels ==)
       class VpnTunnel
         include Google::Apis::Core::Hashable
@@ -41421,6 +42455,12 @@ module Google
         # @return [String]
         attr_accessor :status
       
+        # [Output Only] Reserved for future use.
+        # Corresponds to the JSON property `supportsPzs`
+        # @return [Boolean]
+        attr_accessor :supports_pzs
+        alias_method :supports_pzs?, :supports_pzs
+      
         def initialize(**args)
            update!(**args)
         end
@@ -41437,6 +42477,7 @@ module Google
           @region = args[:region] if args.key?(:region)
           @self_link = args[:self_link] if args.key?(:self_link)
           @status = args[:status] if args.key?(:status)
+          @supports_pzs = args[:supports_pzs] if args.key?(:supports_pzs)
         end
       end