google-apis-compute_beta 0.15.0 → 0.19.0

data/lib/google/apis/compute_beta/classes.rb

@@ -510,13 +510,17 @@ module Google
         attr_accessor :network_tier
       
         # The DNS domain name for the public PTR record. You can set this field only if
-        # the `setPublicPtr` field is enabled.
+        # the `setPublicPtr` field is enabled in accessConfig. If this field is
+        # unspecified in ipv6AccessConfig, a default PTR record will be createc for
+        # first IP in associated external IPv6 range.
         # Corresponds to the JSON property `publicPtrDomainName`
         # @return [String]
         attr_accessor :public_ptr_domain_name
       
         # Specifies whether a public DNS 'PTR' record should be created to map the
-        # external IP address of the instance to a DNS domain name.
+        # external IP address of the instance to a DNS domain name. This field is not
+        # used in ipv6AccessConfig. A default PTR record will be created if the VM has
+        # external IPv6 range associated.
         # Corresponds to the JSON property `setPublicPtr`
         # @return [Boolean]
         attr_accessor :set_public_ptr
@@ -613,8 +617,8 @@ module Google
       
         # Name of the resource. Provided by the client when the resource is created. The
         # name must be 1-63 characters long, and comply with RFC1035. Specifically, the
-        # name must be 1-63 characters long and match the regular expression [a-z]([-a-
-        # z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all
+        # name must be 1-63 characters long and match the regular expression `[a-z]([-a-
+        # z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all
         # following characters (except for the last character) must be a dash, lowercase
         # letter, or digit. The last character must be a lowercase letter or digit.
         # Corresponds to the JSON property `name`
@@ -1205,6 +1209,7 @@ module Google
       end
       
       # This reservation type allows to pre allocate specific instance configuration.
+      # Next ID: 5
       class AllocationSpecificSkuReservation
         include Google::Apis::Core::Hashable
       
@@ -1328,6 +1333,17 @@ module Google
         # @return [Array<String>]
         attr_accessor :licenses
       
+        # [Output Only] Whether to indicate the attached disk is locked. The locked disk
+        # is not allowed to be detached from the instance, or to be used as the source
+        # of the snapshot creation, and the image creation. The instance with at least
+        # one locked attached disk is not allow to be used as source of machine image
+        # creation, instant snapshot creation, and not allowed to be deleted with --keep-
+        # disk parameter set to true for locked disks.
+        # Corresponds to the JSON property `locked`
+        # @return [Boolean]
+        attr_accessor :locked
+        alias_method :locked?, :locked
+      
         # The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not
         # specified, the default is to attach the disk in READ_WRITE mode.
         # Corresponds to the JSON property `mode`
@@ -1380,6 +1396,7 @@ module Google
           @interface = args[:interface] if args.key?(:interface)
           @kind = args[:kind] if args.key?(:kind)
           @licenses = args[:licenses] if args.key?(:licenses)
+          @locked = args[:locked] if args.key?(:locked)
           @mode = args[:mode] if args.key?(:mode)
           @shielded_instance_initial_state = args[:shielded_instance_initial_state] if args.key?(:shielded_instance_initial_state)
           @source = args[:source] if args.key?(:source)
@@ -2509,7 +2526,13 @@ module Google
       
         # Specifies how to determine whether the backend of a load balancer can handle
         # additional traffic or is fully loaded. For usage guidelines, see Connection
-        # balancing mode.
+        # balancing mode. Backends must use compatible balancing modes. For more
+        # information, see Supported balancing modes and target capacity settings and
+        # Restrictions and guidance for instance groups. Note: Currently, if you use the
+        # API to configure incompatible balancing modes, the configuration might be
+        # accepted even though it has no impact and is ignored. Specifically, Backend.
+        # maxUtilization is ignored when Backend.balancingMode is RATE. In the future,
+        # this incompatible combination will be rejected.
         # Corresponds to the JSON property `balancingMode`
         # @return [String]
         attr_accessor :balancing_mode
@@ -2590,7 +2613,9 @@ module Google
         # @return [Float]
         attr_accessor :max_rate_per_instance
       
-        # 
+        # Optional parameter to define a target capacity for the UTILIZATIONbalancing
+        # mode. The valid range is [0.0, 1.0]. For usage guidelines, see Utilization
+        # balancing mode.
         # Corresponds to the JSON property `maxUtilization`
         # @return [Float]
         attr_accessor :max_utilization
@@ -2753,7 +2778,7 @@ module Google
         # specified), or else sets the response max-age directive to the lesser of the
         # client_ttl and default_ttl, and also ensures a "public" cache-control
         # directive is present. If a client TTL is not specified, a default value (1
-        # hour) will be used. The maximum allowed value is 86400s (1 day).
+        # hour) will be used. The maximum allowed value is 31,622,400s (1 year).
         # Corresponds to the JSON property `clientTtl`
         # @return [Fixnum]
         attr_accessor :client_ttl
@@ -3568,7 +3593,7 @@ module Google
         # specified), or else sets the response max-age directive to the lesser of the
         # client_ttl and default_ttl, and also ensures a "public" cache-control
         # directive is present. If a client TTL is not specified, a default value (1
-        # hour) will be used. The maximum allowed value is 86400s (1 day).
+        # hour) will be used. The maximum allowed value is 31,622,400s (1 year).
         # Corresponds to the JSON property `clientTtl`
         # @return [Fixnum]
         attr_accessor :client_ttl
@@ -3753,8 +3778,8 @@ module Google
         # @return [String]
         attr_accessor :connection_persistence_on_unhealthy_backends
       
-        # Enable Strong Session Affinity. This is only available in External TCP/UDP
-        # load balancer.
+        # Enable Strong Session Affinity for Network Load Balancing. This option is not
+        # available publicly.
         # Corresponds to the JSON property `enableStrongAffinity`
         # @return [Boolean]
         attr_accessor :enable_strong_affinity
@@ -3762,9 +3787,9 @@ module Google
       
         # Specifies how long to keep a Connection Tracking entry while there is no
         # matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes
-        # and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the
-        # maximum is 16 hours. This field will be supported only if the Connection
-        # Tracking key is less than 5-tuple.
+        # and maximum is 16 hours. For Network Load Balancer the default is 60 seconds.
+        # This option is not available publicly. This field will be supported only if
+        # the Connection Tracking key is less than 5-tuple.
         # Corresponds to the JSON property `idleTimeoutSec`
         # @return [Fixnum]
         attr_accessor :idle_timeout_sec
@@ -5461,30 +5486,39 @@ module Google
       class CustomerEncryptionKey
         include Google::Apis::Core::Hashable
       
-        # The name of the encryption key that is stored in Google Cloud KMS.
+        # The name of the encryption key that is stored in Google Cloud KMS. For example:
+        # "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/
+        # cryptoKeys/key
         # Corresponds to the JSON property `kmsKeyName`
         # @return [String]
         attr_accessor :kms_key_name
       
         # The service account being used for the encryption request for the given KMS
-        # key. If absent, the Compute Engine default service account is used.
+        # key. If absent, the Compute Engine default service account is used. For
+        # example: "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
         # Corresponds to the JSON property `kmsKeyServiceAccount`
         # @return [String]
         attr_accessor :kms_key_service_account
       
         # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
-        # base64 to either encrypt or decrypt this resource.
+        # base64 to either encrypt or decrypt this resource. You can provide either the
+        # rawKey or the rsaEncryptedKey. For example: "rawKey": "
+        # SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
         # Corresponds to the JSON property `rawKey`
         # @return [String]
         attr_accessor :raw_key
       
         # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied
-        # encryption key to either encrypt or decrypt this resource. The key must meet
-        # the following requirements before you can provide it to Compute Engine: 1. The
-        # key is wrapped using a RSA public key certificate provided by Google. 2. After
-        # being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the
-        # RSA public key certificate provided by Google at: https://cloud-certs.storage.
-        # googleapis.com/google-cloud-csek-ingress.pem
+        # encryption key to either encrypt or decrypt this resource. You can provide
+        # either the rawKey or the rsaEncryptedKey. For example: "rsaEncryptedKey": "
+        # ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH
+        # z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD
+        # D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==" The
+        # key must meet the following requirements before you can provide it to Compute
+        # Engine: 1. The key is wrapped using a RSA public key certificate provided by
+        # Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64
+        # encoding. Gets the RSA public key certificate provided by Google at: https://
+        # cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         # Corresponds to the JSON property `rsaEncryptedKey`
         # @return [String]
         attr_accessor :rsa_encrypted_key
@@ -5519,7 +5553,8 @@ module Google
         attr_accessor :disk_encryption_key
       
         # Specifies a valid partial or full URL to an existing Persistent Disk resource.
-        # This field is only applicable for persistent disks.
+        # This field is only applicable for persistent disks. For example: "source": "/
+        # compute/v1/projects/project_id/zones/zone/disks/ disk_name
         # Corresponds to the JSON property `source`
         # @return [String]
         attr_accessor :source
@@ -5620,14 +5655,20 @@ module Google
         # @return [String]
         attr_accessor :description
       
-        # Encrypts the disk using a customer-supplied encryption key. After you encrypt
-        # a disk with a customer-supplied key, you must provide the same key if you use
-        # the disk later (e.g. to create a disk snapshot, to create a disk image, to
-        # create a machine image, or to attach the disk to a virtual machine). Customer-
-        # supplied encryption keys do not protect access to metadata of the disk. If you
-        # do not provide an encryption key when creating the disk, then the disk will be
-        # encrypted using an automatically generated key and you do not need to provide
-        # a key to use the disk later.
+        # Encrypts the disk using a customer-supplied encryption key or a customer-
+        # managed encryption key. Encryption keys do not protect access to metadata of
+        # the disk. After you encrypt a disk with a customer-supplied key, you must
+        # provide the same key if you use the disk later. For example, to create a disk
+        # snapshot, to create a disk image, to create a machine image, or to attach the
+        # disk to a virtual machine. After you encrypt a disk with a customer-managed
+        # key, the diskEncryptionKey.kmsKeyName is set to a key *version* name once the
+        # disk is created. The disk is encrypted with this version of the key. In the
+        # response, diskEncryptionKey.kmsKeyName appears in the following format: "
+        # diskEncryptionKey.kmsKeyName": "projects/kms_project_id/locations/region/
+        # keyRings/ key_region/cryptoKeys/key /cryptoKeysVersions/version If you do not
+        # provide an encryption key when creating the disk, then the disk is encrypted
+        # using an automatically generated key and you don't need to provide a key to
+        # use the disk later.
         # Corresponds to the JSON property `diskEncryptionKey`
         # @return [Google::Apis::ComputeBeta::CustomerEncryptionKey]
         attr_accessor :disk_encryption_key
@@ -5652,8 +5693,8 @@ module Google
         # @return [Fixnum]
         attr_accessor :id
       
-        # Specifies the disk interface to use for attaching this disk, which is either
-        # SCSI or NVME. The default is SCSI.
+        # [Deprecated] Specifies the disk interface to use for attaching this disk,
+        # which is either SCSI or NVME. The default is SCSI.
         # Corresponds to the JSON property `interface`
         # @return [String]
         attr_accessor :interface
@@ -5707,6 +5748,22 @@ module Google
         # @return [String]
         attr_accessor :location_hint
       
+        # [Output Only] The field indicates if the disk is created from a locked source
+        # image. Attachment of a disk created from a locked source image will cause the
+        # following operations to become irreversibly prohibited: - R/W or R/O disk
+        # attachment to any other instance - Disk detachment. And the disk can only be
+        # deleted when the instance is deleted - Creation of images or snapshots - Disk
+        # cloning Furthermore, the instance with at least one disk with locked flag set
+        # to true will be prohibited from performing the operations below: - Further
+        # attachment of secondary disks. - Detachment of any disks - Create machine
+        # images - Create instance template - Delete the instance with --keep-disk
+        # parameter set to true for locked disks - Attach a locked disk with --auto-
+        # delete parameter set to false
+        # Corresponds to the JSON property `locked`
+        # @return [Boolean]
+        attr_accessor :locked
+        alias_method :locked?, :locked
+      
         # Indicates whether or not the disk can be read/write attached to more than one
         # instance.
         # Corresponds to the JSON property `multiWriter`
@@ -5927,6 +5984,7 @@ module Google
           @license_codes = args[:license_codes] if args.key?(:license_codes)
           @licenses = args[:licenses] if args.key?(:licenses)
           @location_hint = args[:location_hint] if args.key?(:location_hint)
+          @locked = args[:locked] if args.key?(:locked)
           @multi_writer = args[:multi_writer] if args.key?(:multi_writer)
           @name = args[:name] if args.key?(:name)
           @options = args[:options] if args.key?(:options)
@@ -7481,7 +7539,7 @@ module Google
       
         # If destination ranges are specified, the firewall rule applies only to traffic
         # that has destination IP address in these ranges. These ranges must be
-        # expressed in CIDR format. Only IPv4 is supported.
+        # expressed in CIDR format. Both IPv4 and IPv6 are supported.
         # Corresponds to the JSON property `destinationRanges`
         # @return [Array<String>]
         attr_accessor :destination_ranges
@@ -7529,7 +7587,7 @@ module Google
         # Name of the resource; provided by the client when the resource is created. The
         # name must be 1-63 characters long, and comply with RFC1035. Specifically, the
         # name must be 1-63 characters long and match the regular expression `[a-z]([-a-
-        # z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all
+        # z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all
         # following characters (except for the last character) must be a dash, lowercase
         # letter, or digit. The last character must be a lowercase letter or digit.
         # Corresponds to the JSON property `name`
@@ -7569,7 +7627,7 @@ module Google
         # fields are set, the rule applies to traffic that has a source IP address
         # within sourceRanges OR a source IP from a resource with a matching tag listed
         # in the sourceTags field. The connection does not need to match both fields for
-        # the rule to apply. Only IPv4 is supported.
+        # the rule to apply. Both IPv4 and IPv6 are supported.
         # Corresponds to the JSON property `sourceRanges`
         # @return [Array<String>]
         attr_accessor :source_ranges
@@ -7904,7 +7962,7 @@ module Google
         attr_accessor :description
       
         # Deprecated, please use short name instead. User-provided name of the
-        # Organization firewall plicy. The name should be unique in the organization in
+        # Organization firewall policy. The name should be unique in the organization in
         # which the firewall policy is created. This name must be set on creation and
         # cannot be changed. The name must be 1-63 characters long, and comply with
         # RFC1035. Specifically, the name must be 1-63 characters long and match the
@@ -8631,6 +8689,16 @@ module Google
         # @return [String]
         attr_accessor :service_name
       
+        # If not empty, this Forwarding Rule will only forward the traffic when the
+        # source IP address matches one of the IP addresses or CIDR ranges set here.
+        # Note that a Forwarding Rule can only have up to 64 source IP ranges, and this
+        # field can only be used with a regional Forwarding Rule whose scheme is
+        # EXTERNAL. Each source_ip_range entry should be either an IP address (for
+        # example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
+        # Corresponds to the JSON property `sourceIpRanges`
+        # @return [Array<String>]
+        attr_accessor :source_ip_ranges
+      
         # This field identifies the subnetwork that the load balanced IP should belong
         # to for this Forwarding Rule, used in internal load balancing and network load
         # balancing with IPv6. If the network specified is in auto subnet mode, this
@@ -8679,6 +8747,7 @@ module Google
           @service_directory_registrations = args[:service_directory_registrations] if args.key?(:service_directory_registrations)
           @service_label = args[:service_label] if args.key?(:service_label)
           @service_name = args[:service_name] if args.key?(:service_name)
+          @source_ip_ranges = args[:source_ip_ranges] if args.key?(:source_ip_ranges)
           @subnetwork = args[:subnetwork] if args.key?(:subnetwork)
           @target = args[:target] if args.key?(:target)
         end
@@ -9201,7 +9270,7 @@ module Google
         # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
         # roles/resourcemanager.organizationViewer condition: title: expirable access
         # description: Does not grant access after Sep 2020 expression: request.time <
-        # timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
+        # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
         # description of IAM and its features, see the [IAM documentation](https://cloud.
         # google.com/iam/docs/).
         # Corresponds to the JSON property `policy`
@@ -9298,7 +9367,7 @@ module Google
         # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
         # roles/resourcemanager.organizationViewer condition: title: expirable access
         # description: Does not grant access after Sep 2020 expression: request.time <
-        # timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
+        # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
         # description of IAM and its features, see the [IAM documentation](https://cloud.
         # google.com/iam/docs/).
         # Corresponds to the JSON property `policy`
@@ -11901,6 +11970,24 @@ module Google
         # @return [Array<String>]
         attr_accessor :licenses
       
+        # A flag for marketplace VM disk created from the image, which is designed for
+        # marketplace VM disk to prevent the proprietary data on the disk from being
+        # accessed unwantedly. The flag will be inherited by the disk created from the
+        # image. The disk with locked flag set to true will be prohibited from
+        # performing the operations below: - R/W or R/O disk attach - Disk detach, if
+        # disk is created via create-on-create - Create images - Create snapshots -
+        # Create disk clone (create disk from the current disk) The image with the
+        # locked field set to true will be prohibited from performing the operations
+        # below: - Create images from the current image - Update the locked field for
+        # the current image The instance with at least one disk with locked flag set to
+        # true will be prohibited from performing the operations below: - Secondary disk
+        # attach - Create instant snapshot - Create machine images - Create instance
+        # template - Delete the instance with --keep-disk parameter set to true
+        # Corresponds to the JSON property `locked`
+        # @return [Boolean]
+        attr_accessor :locked
+        alias_method :locked?, :locked
+      
         # Name of the resource; provided by the client when the resource is created. The
         # name must be 1-63 characters long, and comply with RFC1035. Specifically, the
         # name must be 1-63 characters long and match the regular expression `[a-z]([-a-
@@ -11961,10 +12048,12 @@ module Google
         # @return [String]
         attr_accessor :source_disk_id
       
-        # URL of the source image used to create this image. In order to create an image,
-        # you must provide the full or partial URL of one of the following: - The
-        # rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The
-        # sourceSnapshot URL
+        # URL of the source image used to create this image. The following are valid
+        # formats for the URL: - https://www.googleapis.com/compute/v1/projects/
+        # project_id/global/ images/image_name - projects/project_id/global/images/
+        # image_name In order to create an image, you must provide the full or partial
+        # URL of one of the following: - The rawDisk.source URL - The sourceDisk URL -
+        # The sourceImage URL - The sourceSnapshot URL
         # Corresponds to the JSON property `sourceImage`
         # @return [String]
         attr_accessor :source_image
@@ -11982,10 +12071,12 @@ module Google
         # @return [String]
         attr_accessor :source_image_id
       
-        # URL of the source snapshot used to create this image. In order to create an
-        # image, you must provide the full or partial URL of one of the following: - The
-        # rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The
-        # sourceSnapshot URL
+        # URL of the source snapshot used to create this image. The following are valid
+        # formats for the URL: - https://www.googleapis.com/compute/v1/projects/
+        # project_id/global/ snapshots/snapshot_name - projects/project_id/global/
+        # snapshots/snapshot_name In order to create an image, you must provide the full
+        # or partial URL of one of the following: - The rawDisk.source URL - The
+        # sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
         # Corresponds to the JSON property `sourceSnapshot`
         # @return [String]
         attr_accessor :source_snapshot
@@ -12052,6 +12143,7 @@ module Google
           @labels = args[:labels] if args.key?(:labels)
           @license_codes = args[:license_codes] if args.key?(:license_codes)
           @licenses = args[:licenses] if args.key?(:licenses)
+          @locked = args[:locked] if args.key?(:locked)
           @name = args[:name] if args.key?(:name)
           @raw_disk = args[:raw_disk] if args.key?(:raw_disk)
           @rollout_override = args[:rollout_override] if args.key?(:rollout_override)
@@ -12090,10 +12182,12 @@ module Google
           # @return [String]
           attr_accessor :sha1_checksum
         
-          # The full Google Cloud Storage URL where the disk image is stored. In order to
-          # create an image, you must provide the full or partial URL of one of the
-          # following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL
-          # - The sourceSnapshot URL
+          # The full Google Cloud Storage URL where the raw disk image archive is stored.
+          # The following are valid formats for the URL: - https://storage.googleapis.com/
+          # bucket_name/image_archive_name - https://storage.googleapis.com/bucket_name/
+          # folder_name/ image_archive_name In order to create an image, you must provide
+          # the full or partial URL of one of the following: - The rawDisk.source URL -
+          # The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
           # Corresponds to the JSON property `source`
           # @return [String]
           attr_accessor :source
@@ -15238,7 +15332,7 @@ module Google
         # @return [Array<Google::Apis::ComputeBeta::NetworkInterface>]
         attr_accessor :network_interfaces
       
-        # 
+        # Note that for MachineImage, this is not supported yet.
         # Corresponds to the JSON property `networkPerformanceConfig`
         # @return [Google::Apis::ComputeBeta::NetworkPerformanceConfig]
         attr_accessor :network_performance_config
@@ -15249,7 +15343,8 @@ module Google
         attr_accessor :post_key_revocation_action_type
       
         # The private IPv6 google access type for VMs. If not specified, use
-        # INHERIT_FROM_SUBNETWORK as default.
+        # INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not
+        # supported yet.
         # Corresponds to the JSON property `privateIpv6GoogleAccess`
         # @return [String]
         attr_accessor :private_ipv6_google_access
@@ -15260,7 +15355,7 @@ module Google
         attr_accessor :reservation_affinity
       
         # Resource policies (names, not ULRs) applied to instances created from these
-        # properties.
+        # properties. Note that for MachineImage, this is not supported yet.
         # Corresponds to the JSON property `resourcePolicies`
         # @return [Array<String>]
         attr_accessor :resource_policies
@@ -16184,6 +16279,14 @@ module Google
         # @return [Fixnum]
         attr_accessor :requested_link_count
       
+        # [Output Only] Set to true if the resource satisfies the zone separation
+        # organization policy constraints and false otherwise. Defaults to false if the
+        # field is not present.
+        # Corresponds to the JSON property `satisfiesPzs`
+        # @return [Boolean]
+        attr_accessor :satisfies_pzs
+        alias_method :satisfies_pzs?, :satisfies_pzs
+      
         # [Output Only] Server-defined URL for the resource.
         # Corresponds to the JSON property `selfLink`
         # @return [String]
@@ -16228,6 +16331,7 @@ module Google
           @peer_ip_address = args[:peer_ip_address] if args.key?(:peer_ip_address)
           @provisioned_link_count = args[:provisioned_link_count] if args.key?(:provisioned_link_count)
           @requested_link_count = args[:requested_link_count] if args.key?(:requested_link_count)
+          @satisfies_pzs = args[:satisfies_pzs] if args.key?(:satisfies_pzs)
           @self_link = args[:self_link] if args.key?(:self_link)
           @state = args[:state] if args.key?(:state)
         end
@@ -16453,6 +16557,14 @@ module Google
         # @return [String]
         attr_accessor :router
       
+        # [Output Only] Set to true if the resource satisfies the zone separation
+        # organization policy constraints and false otherwise. Defaults to false if the
+        # field is not present.
+        # Corresponds to the JSON property `satisfiesPzs`
+        # @return [Boolean]
+        attr_accessor :satisfies_pzs
+        alias_method :satisfies_pzs?, :satisfies_pzs
+      
         # [Output Only] Server-defined URL for the resource.
         # Corresponds to the JSON property `selfLink`
         # @return [String]
@@ -16524,6 +16636,7 @@ module Google
           @private_interconnect_info = args[:private_interconnect_info] if args.key?(:private_interconnect_info)
           @region = args[:region] if args.key?(:region)
           @router = args[:router] if args.key?(:router)
+          @satisfies_pzs = args[:satisfies_pzs] if args.key?(:satisfies_pzs)
           @self_link = args[:self_link] if args.key?(:self_link)
           @state = args[:state] if args.key?(:state)
           @type = args[:type] if args.key?(:type)
@@ -17351,6 +17464,13 @@ module Google
         # @return [String]
         attr_accessor :status
       
+        # [Output Only] Set to true for locations that support physical zone separation.
+        # Defaults to false if the field is not present.
+        # Corresponds to the JSON property `supportsPzs`
+        # @return [Boolean]
+        attr_accessor :supports_pzs
+        alias_method :supports_pzs?, :supports_pzs
+      
         def initialize(**args)
            update!(**args)
         end
@@ -17372,6 +17492,7 @@ module Google
           @region_infos = args[:region_infos] if args.key?(:region_infos)
           @self_link = args[:self_link] if args.key?(:self_link)
           @status = args[:status] if args.key?(:status)
+          @supports_pzs = args[:supports_pzs] if args.key?(:supports_pzs)
         end
       end
       
@@ -19325,7 +19446,7 @@ module Google
         attr_accessor :kind
       
         # Maximum Transmission Unit in bytes. The minimum value for this field is 1460
-        # and the maximum value is 1500 bytes.
+        # and the maximum value is 1500 bytes. If unspecified, defaults to 1460.
         # Corresponds to the JSON property `mtu`
         # @return [Fixnum]
         attr_accessor :mtu
@@ -20653,9 +20774,8 @@ module Google
         alias_method :export_custom_routes?, :export_custom_routes
       
         # Whether subnet routes with public IP range are exported. The default value is
-        # true, all subnet routes are exported. The IPv4 special-use ranges (https://en.
-        # wikipedia.org/wiki/IPv4#Special_addresses) are always exported to peers and
-        # are not controlled by this field.
+        # true, all subnet routes are exported. IPv4 special-use ranges are always
+        # exported to peers and are not controlled by this field.
         # Corresponds to the JSON property `exportSubnetRoutesWithPublicIp`
         # @return [Boolean]
         attr_accessor :export_subnet_routes_with_public_ip
@@ -20668,9 +20788,8 @@ module Google
         alias_method :import_custom_routes?, :import_custom_routes
       
         # Whether subnet routes with public IP range are imported. The default value is
-        # false. The IPv4 special-use ranges (https://en.wikipedia.org/wiki/IPv4#
-        # Special_addresses) are always imported from peers and are not controlled by
-        # this field.
+        # false. IPv4 special-use ranges are always imported from peers and are not
+        # controlled by this field.
         # Corresponds to the JSON property `importSubnetRoutesWithPublicIp`
         # @return [Boolean]
         attr_accessor :import_subnet_routes_with_public_ip
@@ -20961,7 +21080,7 @@ module Google
         end
       end
       
-      # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical
+      # Represents a sole-tenant Node Group resource. A sole-tenant node is a physical
       # server that is dedicated to hosting VM instances only for your specific
       # project. Use sole-tenant nodes to keep your instances physically separated
       # from instances in other projects, or to group your instances together on the
@@ -24564,7 +24683,7 @@ module Google
       # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
       # roles/resourcemanager.organizationViewer condition: title: expirable access
       # description: Does not grant access after Sep 2020 expression: request.time <
-      # timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
+      # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
       # description of IAM and its features, see the [IAM documentation](https://cloud.
       # google.com/iam/docs/).
       class Policy
@@ -26784,6 +26903,47 @@ module Google
         end
       end
       
+      # 
+      class RegionInstanceGroupManagersResizeAdvancedRequest
+        include Google::Apis::Core::Hashable
+      
+        # If this flag is true, the managed instance group attempts to create all
+        # instances initiated by this resize request only once. If there is an error
+        # during creation, the managed instance group does not retry create this
+        # instance, and we will decrease the targetSize of the request instead. If the
+        # flag is false, the group attempts to recreate each instance continuously until
+        # it succeeds. This flag matters only in the first attempt of creation of an
+        # instance. After an instance is successfully created while this flag is enabled,
+        # the instance behaves the same way as all the other instances created with a
+        # regular resize request. In particular, if a running instance dies unexpectedly
+        # at a later time and needs to be recreated, this mode does not affect the
+        # recreation behavior in that scenario. This flag is applicable only to the
+        # current resize request. It does not influence other resize requests in any way.
+        # You can see which instances ar being created in which mode by calling the get
+        # or listManagedInstances API.
+        # Corresponds to the JSON property `noCreationRetries`
+        # @return [Boolean]
+        attr_accessor :no_creation_retries
+        alias_method :no_creation_retries?, :no_creation_retries
+      
+        # The number of running instances that the managed instance group should
+        # maintain at any given time. The group automatically adds or removes instances
+        # to maintain the number of instances specified by this parameter.
+        # Corresponds to the JSON property `targetSize`
+        # @return [Fixnum]
+        attr_accessor :target_size
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @no_creation_retries = args[:no_creation_retries] if args.key?(:no_creation_retries)
+          @target_size = args[:target_size] if args.key?(:target_size)
+        end
+      end
+      
       # 
       class RegionInstanceGroupManagersSetAutoHealingRequest
         include Google::Apis::Core::Hashable
@@ -27217,7 +27377,7 @@ module Google
         # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
         # roles/resourcemanager.organizationViewer condition: title: expirable access
         # description: Does not grant access after Sep 2020 expression: request.time <
-        # timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
+        # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
         # description of IAM and its features, see the [IAM documentation](https://cloud.
         # google.com/iam/docs/).
         # Corresponds to the JSON property `policy`
@@ -27374,6 +27534,7 @@ module Google
         attr_accessor :share_settings
       
         # This reservation type allows to pre allocate specific instance configuration.
+        # Next ID: 5
         # Corresponds to the JSON property `specificReservation`
         # @return [Google::Apis::ComputeBeta::AllocationSpecificSkuReservation]
         attr_accessor :specific_reservation
@@ -28750,6 +28911,11 @@ module Google
       class Route
         include Google::Apis::Core::Hashable
       
+        # [Output Only] AS path.
+        # Corresponds to the JSON property `asPaths`
+        # @return [Array<Google::Apis::ComputeBeta::RouteAsPath>]
+        attr_accessor :as_paths
+      
         # [Output Only] Creation timestamp in RFC3339 text format.
         # Corresponds to the JSON property `creationTimestamp`
         # @return [String]
@@ -28854,6 +29020,15 @@ module Google
         # @return [Fixnum]
         attr_accessor :priority
       
+        # [Output Only] The type of this route, which can be one of the following values:
+        # - 'TRANSIT' for a transit route that this router learned from another Cloud
+        # Router and will readvertise to one of its BGP peers - 'SUBNET' for a route
+        # from a subnet of the VPC - 'BGP' for a route learned from a BGP peer of this
+        # router - 'STATIC' for a static route
+        # Corresponds to the JSON property `routeType`
+        # @return [String]
+        attr_accessor :route_type
+      
         # [Output Only] Server-defined fully-qualified URL for this resource.
         # Corresponds to the JSON property `selfLink`
         # @return [String]
@@ -28876,6 +29051,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @as_paths = args[:as_paths] if args.key?(:as_paths)
           @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
           @description = args[:description] if args.key?(:description)
           @dest_range = args[:dest_range] if args.key?(:dest_range)
@@ -28892,6 +29068,7 @@ module Google
           @next_hop_peering = args[:next_hop_peering] if args.key?(:next_hop_peering)
           @next_hop_vpn_tunnel = args[:next_hop_vpn_tunnel] if args.key?(:next_hop_vpn_tunnel)
           @priority = args[:priority] if args.key?(:priority)
+          @route_type = args[:route_type] if args.key?(:route_type)
           @self_link = args[:self_link] if args.key?(:self_link)
           @tags = args[:tags] if args.key?(:tags)
           @warnings = args[:warnings] if args.key?(:warnings)
@@ -28962,6 +29139,37 @@ module Google
         end
       end
       
+      # 
+      class RouteAsPath
+        include Google::Apis::Core::Hashable
+      
+        # [Output Only] The AS numbers of the AS Path.
+        # Corresponds to the JSON property `asLists`
+        # @return [Array<Fixnum>]
+        attr_accessor :as_lists
+      
+        # [Output Only] The type of the AS Path, which can be one of the following
+        # values: - 'AS_SET': unordered set of autonomous systems that the route in has
+        # traversed - 'AS_SEQUENCE': ordered set of autonomous systems that the route
+        # has traversed - 'AS_CONFED_SEQUENCE': ordered set of Member Autonomous Systems
+        # in the local confederation that the route has traversed - 'AS_CONFED_SET':
+        # unordered set of Member Autonomous Systems in the local confederation that the
+        # route has traversed
+        # Corresponds to the JSON property `pathSegmentType`
+        # @return [String]
+        attr_accessor :path_segment_type
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @as_lists = args[:as_lists] if args.key?(:as_lists)
+          @path_segment_type = args[:path_segment_type] if args.key?(:path_segment_type)
+        end
+      end
+      
       # Contains a list of Route resources.
       class RouteList
         include Google::Apis::Core::Hashable
@@ -29428,7 +29636,7 @@ module Google
         # @return [Fixnum]
         attr_accessor :advertised_route_priority
       
-        # BFD configuration for the BGP peering. Not currently available publicly.
+        # BFD configuration for the BGP peering.
         # Corresponds to the JSON property `bfd`
         # @return [Google::Apis::ComputeBeta::RouterBgpPeerBfd]
         attr_accessor :bfd
@@ -29521,8 +29729,8 @@ module Google
         # The minimum interval, in milliseconds, between BFD control packets received
         # from the peer router. The actual value is negotiated between the two routers
         # and is equal to the greater of this value and the transmit interval of the
-        # other router. Not currently available publicly. If set, this value must be
-        # between 100 and 30000. The default is 300.
+        # other router. If set, this value must be between 1000 and 30000. The default
+        # is 1000.
         # Corresponds to the JSON property `minReceiveInterval`
         # @return [Fixnum]
         attr_accessor :min_receive_interval
@@ -29530,24 +29738,24 @@ module Google
         # The minimum interval, in milliseconds, between BFD control packets transmitted
         # to the peer router. The actual value is negotiated between the two routers and
         # is equal to the greater of this value and the corresponding receive interval
-        # of the other router. Not currently available publicly. If set, this value must
-        # be between 100 and 30000. The default is 300.
+        # of the other router. If set, this value must be between 1000 and 30000. The
+        # default is 1000.
         # Corresponds to the JSON property `minTransmitInterval`
         # @return [Fixnum]
         attr_accessor :min_transmit_interval
       
         # The number of consecutive BFD packets that must be missed before BFD declares
-        # that a peer is unavailable. Not currently available publicly. If set, the
-        # value must be a value between 2 and 16. The default is 3.
+        # that a peer is unavailable. If set, the value must be a value between 5 and 16.
+        # The default is 5.
         # Corresponds to the JSON property `multiplier`
         # @return [Fixnum]
         attr_accessor :multiplier
       
-        # The BFD session initialization mode for this BGP peer. Not currently available
-        # publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for
-        # this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer
-        # router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD
-        # is disabled for this BGP peer. The default is PASSIVE.
+        # The BFD session initialization mode for this BGP peer. If set to ACTIVE, the
+        # Cloud Router will initiate the BFD session for this BGP peer. If set to
+        # PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD
+        # session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP
+        # peer. The default is PASSIVE.
         # Corresponds to the JSON property `sessionInitializationMode`
         # @return [String]
         attr_accessor :session_initialization_mode
@@ -29789,6 +29997,17 @@ module Google
         # @return [Array<String>]
         attr_accessor :drain_nat_ips
       
+        # Enable Dynamic Port Allocation. If not specified, it is disabled by default.
+        # If set to true, - Dynamic Port Allocation will be enabled on this NAT config. -
+        # enableEndpointIndependentMapping cannot be set to true. - If minPorts is set,
+        # minPortsPerVm must be set to a power of two greater than or equal to 32. If
+        # minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from
+        # this NAT config.
+        # Corresponds to the JSON property `enableDynamicPortAllocation`
+        # @return [Boolean]
+        attr_accessor :enable_dynamic_port_allocation
+        alias_method :enable_dynamic_port_allocation?, :enable_dynamic_port_allocation
+      
         # 
         # Corresponds to the JSON property `enableEndpointIndependentMapping`
         # @return [Boolean]
@@ -29805,6 +30024,17 @@ module Google
         # @return [Google::Apis::ComputeBeta::RouterNatLogConfig]
         attr_accessor :log_config
       
+        # Maximum number of ports allocated to a VM from this NAT config when Dynamic
+        # Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this
+        # field has no effect. If Dynamic Port Allocation is enabled, and this field is
+        # set, it must be set to a power of two greater than minPortsPerVm, or 64 if
+        # minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field
+        # is not set, a maximum of 65536 ports will be allocated to a VM from this NAT
+        # config.
+        # Corresponds to the JSON property `maxPortsPerVm`
+        # @return [Fixnum]
+        attr_accessor :max_ports_per_vm
+      
         # Minimum number of ports allocated to a VM from this NAT config. If not set, a
         # default number of ports is allocated to a VM. This is rounded up to the
         # nearest power of 2. For example, if the value of this field is 50, at least 64
@@ -29834,6 +30064,11 @@ module Google
         # @return [Array<String>]
         attr_accessor :nat_ips
       
+        # A list of rules associated with this NAT.
+        # Corresponds to the JSON property `rules`
+        # @return [Array<Google::Apis::ComputeBeta::RouterNatRule>]
+        attr_accessor :rules
+      
         # Specify the Nat option, which can take one of the following values: -
         # ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are
         # allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP
@@ -29860,6 +30095,12 @@ module Google
         # @return [Fixnum]
         attr_accessor :tcp_established_idle_timeout_sec
       
+        # Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults
+        # to 120s if not set.
+        # Corresponds to the JSON property `tcpTimeWaitTimeoutSec`
+        # @return [Fixnum]
+        attr_accessor :tcp_time_wait_timeout_sec
+      
         # Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not
         # set.
         # Corresponds to the JSON property `tcpTransitoryIdleTimeoutSec`
@@ -29878,16 +30119,20 @@ module Google
         # Update properties of this object
         def update!(**args)
           @drain_nat_ips = args[:drain_nat_ips] if args.key?(:drain_nat_ips)
+          @enable_dynamic_port_allocation = args[:enable_dynamic_port_allocation] if args.key?(:enable_dynamic_port_allocation)
           @enable_endpoint_independent_mapping = args[:enable_endpoint_independent_mapping] if args.key?(:enable_endpoint_independent_mapping)
           @icmp_idle_timeout_sec = args[:icmp_idle_timeout_sec] if args.key?(:icmp_idle_timeout_sec)
           @log_config = args[:log_config] if args.key?(:log_config)
+          @max_ports_per_vm = args[:max_ports_per_vm] if args.key?(:max_ports_per_vm)
           @min_ports_per_vm = args[:min_ports_per_vm] if args.key?(:min_ports_per_vm)
           @name = args[:name] if args.key?(:name)
           @nat_ip_allocate_option = args[:nat_ip_allocate_option] if args.key?(:nat_ip_allocate_option)
           @nat_ips = args[:nat_ips] if args.key?(:nat_ips)
+          @rules = args[:rules] if args.key?(:rules)
           @source_subnetwork_ip_ranges_to_nat = args[:source_subnetwork_ip_ranges_to_nat] if args.key?(:source_subnetwork_ip_ranges_to_nat)
           @subnetworks = args[:subnetworks] if args.key?(:subnetworks)
           @tcp_established_idle_timeout_sec = args[:tcp_established_idle_timeout_sec] if args.key?(:tcp_established_idle_timeout_sec)
+          @tcp_time_wait_timeout_sec = args[:tcp_time_wait_timeout_sec] if args.key?(:tcp_time_wait_timeout_sec)
           @tcp_transitory_idle_timeout_sec = args[:tcp_transitory_idle_timeout_sec] if args.key?(:tcp_transitory_idle_timeout_sec)
           @udp_idle_timeout_sec = args[:udp_idle_timeout_sec] if args.key?(:udp_idle_timeout_sec)
         end
@@ -29923,6 +30168,80 @@ module Google
         end
       end
       
+      # 
+      class RouterNatRule
+        include Google::Apis::Core::Hashable
+      
+        # The action to be enforced for traffic that matches this rule.
+        # Corresponds to the JSON property `action`
+        # @return [Google::Apis::ComputeBeta::RouterNatRuleAction]
+        attr_accessor :action
+      
+        # An optional description of this rule.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # CEL expression that specifies the match condition that egress traffic from a
+        # VM is evaluated against. If it evaluates to true, the corresponding `action`
+        # is enforced. The following examples are valid match expressions for public NAT:
+        # "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.
+        # 0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'" The
+        # following example is a valid match expression for private NAT: "nexthop.hub ==
+        # '/projects/my-project/global/hub/hub-1'"
+        # Corresponds to the JSON property `match`
+        # @return [String]
+        attr_accessor :match
+      
+        # An integer uniquely identifying a rule in the list. The rule number must be a
+        # positive value between 0 and 65000, and must be unique among rules within a
+        # NAT.
+        # Corresponds to the JSON property `ruleNumber`
+        # @return [Fixnum]
+        attr_accessor :rule_number
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @action = args[:action] if args.key?(:action)
+          @description = args[:description] if args.key?(:description)
+          @match = args[:match] if args.key?(:match)
+          @rule_number = args[:rule_number] if args.key?(:rule_number)
+        end
+      end
+      
+      # 
+      class RouterNatRuleAction
+        include Google::Apis::Core::Hashable
+      
+        # A list of URLs of the IP resources used for this NAT rule. These IP addresses
+        # must be valid static external IP addresses assigned to the project. This field
+        # is used for public NAT.
+        # Corresponds to the JSON property `sourceNatActiveIps`
+        # @return [Array<String>]
+        attr_accessor :source_nat_active_ips
+      
+        # A list of URLs of the IP resources to be drained. These IPs must be valid
+        # static external IPs that have been assigned to the NAT. These IPs should be
+        # used for updating/patching a NAT rule only. This field is used for public NAT.
+        # Corresponds to the JSON property `sourceNatDrainIps`
+        # @return [Array<String>]
+        attr_accessor :source_nat_drain_ips
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @source_nat_active_ips = args[:source_nat_active_ips] if args.key?(:source_nat_active_ips)
+          @source_nat_drain_ips = args[:source_nat_drain_ips] if args.key?(:source_nat_drain_ips)
+        end
+      end
+      
       # Defines the IP ranges that want to use NAT for a subnetwork.
       class RouterNatSubnetworkToNat
         include Google::Apis::Core::Hashable
@@ -30128,6 +30447,11 @@ module Google
         # @return [Fixnum]
         attr_accessor :num_vm_endpoints_with_nat_mappings
       
+        # Status of rules in this NAT.
+        # Corresponds to the JSON property `ruleStatus`
+        # @return [Array<Google::Apis::ComputeBeta::RouterStatusNatStatusNatRuleStatus>]
+        attr_accessor :rule_status
+      
         # A list of fully qualified URLs of reserved IP address resources.
         # Corresponds to the JSON property `userAllocatedNatIpResources`
         # @return [Array<String>]
@@ -30151,11 +30475,58 @@ module Google
           @min_extra_nat_ips_needed = args[:min_extra_nat_ips_needed] if args.key?(:min_extra_nat_ips_needed)
           @name = args[:name] if args.key?(:name)
           @num_vm_endpoints_with_nat_mappings = args[:num_vm_endpoints_with_nat_mappings] if args.key?(:num_vm_endpoints_with_nat_mappings)
+          @rule_status = args[:rule_status] if args.key?(:rule_status)
           @user_allocated_nat_ip_resources = args[:user_allocated_nat_ip_resources] if args.key?(:user_allocated_nat_ip_resources)
           @user_allocated_nat_ips = args[:user_allocated_nat_ips] if args.key?(:user_allocated_nat_ips)
         end
       end
       
+      # Status of a NAT Rule contained in this NAT.
+      class RouterStatusNatStatusNatRuleStatus
+        include Google::Apis::Core::Hashable
+      
+        # A list of active IPs for NAT. Example: ["1.1.1.1", "179.12.26.133"].
+        # Corresponds to the JSON property `activeNatIps`
+        # @return [Array<String>]
+        attr_accessor :active_nat_ips
+      
+        # A list of IPs for NAT that are in drain mode. Example: ["1.1.1.1", "179.12.26.
+        # 133"].
+        # Corresponds to the JSON property `drainNatIps`
+        # @return [Array<String>]
+        attr_accessor :drain_nat_ips
+      
+        # The number of extra IPs to allocate. This will be greater than 0 only if the
+        # existing IPs in this NAT Rule are NOT enough to allow all configured VMs to
+        # use NAT.
+        # Corresponds to the JSON property `minExtraIpsNeeded`
+        # @return [Fixnum]
+        attr_accessor :min_extra_ips_needed
+      
+        # Number of VM endpoints (i.e., NICs) that have NAT Mappings from this NAT Rule.
+        # Corresponds to the JSON property `numVmEndpointsWithNatMappings`
+        # @return [Fixnum]
+        attr_accessor :num_vm_endpoints_with_nat_mappings
+      
+        # Rule number of the rule.
+        # Corresponds to the JSON property `ruleNumber`
+        # @return [Fixnum]
+        attr_accessor :rule_number
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @active_nat_ips = args[:active_nat_ips] if args.key?(:active_nat_ips)
+          @drain_nat_ips = args[:drain_nat_ips] if args.key?(:drain_nat_ips)
+          @min_extra_ips_needed = args[:min_extra_ips_needed] if args.key?(:min_extra_ips_needed)
+          @num_vm_endpoints_with_nat_mappings = args[:num_vm_endpoints_with_nat_mappings] if args.key?(:num_vm_endpoints_with_nat_mappings)
+          @rule_number = args[:rule_number] if args.key?(:rule_number)
+        end
+      end
+      
       # 
       class RouterStatusResponse
         include Google::Apis::Core::Hashable
@@ -30589,6 +30960,11 @@ module Google
         # @return [Fixnum]
         attr_accessor :host_error_timeout_seconds
       
+        # Specifies the termination action for the instance.
+        # Corresponds to the JSON property `instanceTerminationAction`
+        # @return [String]
+        attr_accessor :instance_termination_action
+      
         # An opaque location hint used to place the instance close to other resources.
         # This field is for use by internal tools that use the public API.
         # Corresponds to the JSON property `locationHint`
@@ -30636,6 +31012,11 @@ module Google
         attr_accessor :preemptible
         alias_method :preemptible?, :preemptible
       
+        # Specifies the provisioning model of the instance.
+        # Corresponds to the JSON property `provisioningModel`
+        # @return [String]
+        attr_accessor :provisioning_model
+      
         def initialize(**args)
            update!(**args)
         end
@@ -30644,6 +31025,7 @@ module Google
         def update!(**args)
           @automatic_restart = args[:automatic_restart] if args.key?(:automatic_restart)
           @host_error_timeout_seconds = args[:host_error_timeout_seconds] if args.key?(:host_error_timeout_seconds)
+          @instance_termination_action = args[:instance_termination_action] if args.key?(:instance_termination_action)
           @location_hint = args[:location_hint] if args.key?(:location_hint)
           @maintenance_freeze_duration_hours = args[:maintenance_freeze_duration_hours] if args.key?(:maintenance_freeze_duration_hours)
           @maintenance_interval = args[:maintenance_interval] if args.key?(:maintenance_interval)
@@ -30651,6 +31033,7 @@ module Google
           @node_affinities = args[:node_affinities] if args.key?(:node_affinities)
           @on_host_maintenance = args[:on_host_maintenance] if args.key?(:on_host_maintenance)
           @preemptible = args[:preemptible] if args.key?(:preemptible)
+          @provisioning_model = args[:provisioning_model] if args.key?(:provisioning_model)
         end
       end
       
@@ -30881,8 +31264,8 @@ module Google
         # HTTP requests targeting backend services. They filter requests before they hit
         # the origin servers. CLOUD_ARMOR_EDGE - Cloud Armor edge security policies can
         # be configured to filter incoming HTTP requests targeting backend services (
-        # including Cloud CDN-enabled) as well as backend buckets (GCS). They filter
-        # requests before the request is served from Google’s cache.
+        # including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They
+        # filter requests before the request is served from Google's cache.
         # Corresponds to the JSON property `type`
         # @return [String]
         attr_accessor :type
@@ -31467,23 +31850,23 @@ module Google
         attr_accessor :conform_action
       
         # Determines the key to enforce the rate_limit_threshold on. Possible values are:
-        # “ALL” -- A single rate limit threshold is applied to all the requests
+        # "ALL" -- A single rate limit threshold is applied to all the requests
         # matching this rule. This is the default value if this field 'enforce_on_key'
-        # is not configured. “ALL_IPS” -- This definition, equivalent to "ALL", has been
-        # depprecated. “IP” -- The source IP address of the request is the key. Each IP
-        # has this limit enforced separately. “HTTP_HEADER” -- The value of the HTTP
-        # Header whose name is configured under “enforce_on_key_name”. The key value is
-        # truncated to the first 128 bytes of the Header value. If no such header is
-        # present in the request, the key type defaults to “ALL”. “XFF_IP” -- The first
+        # is not configured. "ALL_IPS" -- This definition, equivalent to "ALL", has been
+        # depprecated. "IP" -- The source IP address of the request is the key. Each IP
+        # has this limit enforced separately. "HTTP_HEADER" -- The value of the HTTP
+        # header whose name is configured under "enforce_on_key_name". The key value is
+        # truncated to the first 128 bytes of the header value. If no such header is
+        # present in the request, the key type defaults to "ALL". "XFF_IP" -- The first
         # IP address (i.e. the originating client IP address) specified in the list of
-        # IPs under X-Forwarded-For HTTP Header. If no such header is present or the
-        # value is not a valid IP, the key type defaults to “ALL”.
+        # IPs under X-Forwarded-For HTTP header. If no such header is present or the
+        # value is not a valid IP, the key type defaults to "ALL".
         # Corresponds to the JSON property `enforceOnKey`
         # @return [String]
         attr_accessor :enforce_on_key
       
         # Rate limit key name applicable only for the following key types: HTTP_HEADER --
-        # Name of the HTTP Header whose value is taken as the key value.
+        # Name of the HTTP header whose value is taken as the key value.
         # Corresponds to the JSON property `enforceOnKeyName`
         # @return [String]
         attr_accessor :enforce_on_key_name
@@ -31710,7 +32093,7 @@ module Google
       # Represents a ServiceAttachment resource. A service attachment represents a
       # service that a producer has exposed. It encapsulates the load balancer which
       # fronts the service runs and a list of NAT IP ranges that the producers uses to
-      # represent the consumers connecting to the service. next tag = 19
+      # represent the consumers connecting to the service. next tag = 20
       class ServiceAttachment
         include Google::Apis::Core::Hashable
       
@@ -32243,6 +32626,13 @@ module Google
       class ShareSettings
         include Google::Apis::Core::Hashable
       
+        # A map of project id and project config. Using map format to ease add-to/remove-
+        # from the Project list in PATCH command. In future we will deprecate (And later
+        # remove) the array one.
+        # Corresponds to the JSON property `projectMap`
+        # @return [Hash<String,Google::Apis::ComputeBeta::ShareSettingsProjectConfig>]
+        attr_accessor :project_map
+      
         # A List of Project names to specify consumer projects for this shared-
         # reservation. This is only valid when share_type's value is SPECIFIC_PROJECTS.
         # Corresponds to the JSON property `projects`
@@ -32260,11 +32650,32 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @project_map = args[:project_map] if args.key?(:project_map)
           @projects = args[:projects] if args.key?(:projects)
           @share_type = args[:share_type] if args.key?(:share_type)
         end
       end
       
+      # Config for each project in the share settings.
+      class ShareSettingsProjectConfig
+        include Google::Apis::Core::Hashable
+      
+        # The project ID, should be same as the key of this project config in the parent
+        # map.
+        # Corresponds to the JSON property `projectId`
+        # @return [String]
+        attr_accessor :project_id
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @project_id = args[:project_id] if args.key?(:project_id)
+        end
+      end
+      
       # A set of Shielded Instance options.
       class ShieldedInstanceConfig
         include Google::Apis::Core::Hashable
@@ -33941,16 +34352,19 @@ module Google
       class Subnetwork
         include Google::Apis::Core::Hashable
       
-        # Whether this subnetwork can conflict with static routes. Setting this to true
-        # allows this subnetwork's primary and secondary ranges to conflict with routes
-        # that have already been configured on the corresponding network. Static routes
-        # will take precedence over the subnetwork route if the route prefix length is
-        # at least as large as the subnetwork prefix length. Also, packets destined to
-        # IPs within subnetwork may contain private/sensitive data and are prevented
-        # from leaving the virtual network. Setting this field to true will disable this
-        # feature. The default value is false and applies to all existing subnetworks
-        # and automatically created subnetworks. This field cannot be set to true at
-        # resource creation time.
+        # Whether this subnetwork's ranges can conflict with existing static routes.
+        # Setting this to true allows this subnetwork's primary and secondary ranges to
+        # overlap with (and contain) static routes that have already been configured on
+        # the corresponding network. For example if a static route has range 10.1.0.0/16,
+        # a subnet range 10.0.0.0/8 could only be created if allow_conflicting_routes=
+        # true. Overlapping is only allowed on subnetwork operations; routes whose
+        # ranges conflict with this subnetwork's ranges won't be allowed unless route.
+        # allow_conflicting_subnetworks is set to true. Typically packets destined to
+        # IPs within the subnetwork (which may contain private/sensitive data) are
+        # prevented from leaving the virtual network. Setting this field to true will
+        # disable this feature. The default value is false and applies to all existing
+        # subnetworks and automatically created subnetworks. This field cannot be set to
+        # true at resource creation time.
         # Corresponds to the JSON property `allowSubnetCidrRoutesOverlap`
         # @return [Boolean]
         attr_accessor :allow_subnet_cidr_routes_overlap
@@ -34051,9 +34465,8 @@ module Google
         attr_accessor :name
       
         # The URL of the network to which this subnetwork belongs, provided by the
-        # client when initially creating the subnetwork. Only networks that are in the
-        # distributed mode can have subnetworks. This field can be set only at resource
-        # creation time.
+        # client when initially creating the subnetwork. This field can be set only at
+        # resource creation time.
         # Corresponds to the JSON property `network`
         # @return [String]
         attr_accessor :network
@@ -34641,6 +35054,20 @@ module Google
         # @return [String]
         attr_accessor :policy
       
+        # The number of backends per backend group assigned to each proxy instance or
+        # each service mesh client. An input parameter to the `
+        # CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `
+        # CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `
+        # INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for
+        # Internal HTTP(S) load balancing and required for Traffic Director. If you do
+        # not provide this value, Cloud Load Balancing will calculate it dynamically to
+        # optimize the number of proxies/clients visible to each backend and vice versa.
+        # Must be greater than 0. If `subset_size` is larger than the number of backends/
+        # endpoints, then subsetting is disabled.
+        # Corresponds to the JSON property `subsetSize`
+        # @return [Fixnum]
+        attr_accessor :subset_size
+      
         def initialize(**args)
            update!(**args)
         end
@@ -34648,6 +35075,7 @@ module Google
         # Update properties of this object
         def update!(**args)
           @policy = args[:policy] if args.key?(:policy)
+          @subset_size = args[:subset_size] if args.key?(:subset_size)
         end
       end
       
@@ -35509,6 +35937,25 @@ module Google
         end
       end
       
+      # 
+      class TargetHttpsProxiesSetCertificateMapRequest
+        include Google::Apis::Core::Hashable
+      
+        # URL of the Certificate Map to associate with this TargetHttpsProxy.
+        # Corresponds to the JSON property `certificateMap`
+        # @return [String]
+        attr_accessor :certificate_map
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @certificate_map = args[:certificate_map] if args.key?(:certificate_map)
+        end
+      end
+      
       # 
       class TargetHttpsProxiesSetQuicOverrideRequest
         include Google::Apis::Core::Hashable
@@ -35582,6 +36029,13 @@ module Google
         # @return [String]
         attr_accessor :authorization_policy
       
+        # URL of a certificate map that identifies a certificate map associated with the
+        # given target proxy. This field can only be set for global target proxies. If
+        # set, sslCertificates will be ignored.
+        # Corresponds to the JSON property `certificateMap`
+        # @return [String]
+        attr_accessor :certificate_map
+      
         # [Output Only] Creation timestamp in RFC3339 text format.
         # Corresponds to the JSON property `creationTimestamp`
         # @return [String]
@@ -35719,6 +36173,7 @@ module Google
           @authentication = args[:authentication] if args.key?(:authentication)
           @authorization = args[:authorization] if args.key?(:authorization)
           @authorization_policy = args[:authorization_policy] if args.key?(:authorization_policy)
+          @certificate_map = args[:certificate_map] if args.key?(:certificate_map)
           @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
           @description = args[:description] if args.key?(:description)
           @fingerprint = args[:fingerprint] if args.key?(:fingerprint)
@@ -37007,6 +37462,25 @@ module Google
         end
       end
       
+      # 
+      class TargetSslProxiesSetCertificateMapRequest
+        include Google::Apis::Core::Hashable
+      
+        # URL of the Certificate Map to associate with this TargetSslProxy.
+        # Corresponds to the JSON property `certificateMap`
+        # @return [String]
+        attr_accessor :certificate_map
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @certificate_map = args[:certificate_map] if args.key?(:certificate_map)
+        end
+      end
+      
       # 
       class TargetSslProxiesSetProxyHeaderRequest
         include Google::Apis::Core::Hashable
@@ -37055,6 +37529,13 @@ module Google
       class TargetSslProxy
         include Google::Apis::Core::Hashable
       
+        # URL of a certificate map that identifies a certificate map associated with the
+        # given target proxy. This field can only be set for global target proxies. If
+        # set, sslCertificates will be ignored.
+        # Corresponds to the JSON property `certificateMap`
+        # @return [String]
+        attr_accessor :certificate_map
+      
         # [Output Only] Creation timestamp in RFC3339 text format.
         # Corresponds to the JSON property `creationTimestamp`
         # @return [String]
@@ -37125,6 +37606,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @certificate_map = args[:certificate_map] if args.key?(:certificate_map)
           @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
           @description = args[:description] if args.key?(:description)
           @id = args[:id] if args.key?(:id)
@@ -40902,7 +41384,7 @@ module Google
         # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
         # roles/resourcemanager.organizationViewer condition: title: expirable access
         # description: Does not grant access after Sep 2020 expression: request.time <
-        # timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
+        # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
         # description of IAM and its features, see the [IAM documentation](https://cloud.
         # google.com/iam/docs/).
         # Corresponds to the JSON property `policy`