google-apis-compute_v1 0.19.0 → 0.23.0

data/lib/google/apis/compute_v1/classes.rb

@@ -464,15 +464,15 @@ module Google
       class AccessConfig
         include Google::Apis::Core::Hashable
       
-        # [Output Only] The first IPv6 address of the external IPv6 range associated
-        # with this instance, prefix length is stored in externalIpv6PrefixLength in
+        # The first IPv6 address of the external IPv6 range associated with this
+        # instance, prefix length is stored in externalIpv6PrefixLength in
         # ipv6AccessConfig. The field is output only, an IPv6 address from a subnetwork
         # associated with the instance will be allocated dynamically.
         # Corresponds to the JSON property `externalIpv6`
         # @return [String]
         attr_accessor :external_ipv6
       
-        # [Output Only] The prefix length of the external IPv6 range.
+        # The prefix length of the external IPv6 range.
         # Corresponds to the JSON property `externalIpv6PrefixLength`
         # @return [Fixnum]
         attr_accessor :external_ipv6_prefix_length
@@ -633,14 +633,14 @@ module Google
         # regional internal IP address in a subnet of a VPC network) - VPC_PEERING for
         # global internal IP addresses used for private services access allocated ranges.
         # - NAT_AUTO for the regional external IP addresses used by Cloud NAT when
-        # allocating addresses using . - IPSEC_INTERCONNECT for addresses created from a
-        # private IP range that are reserved for a VLAN attachment in an *IPsec-
-        # encrypted Cloud Interconnect* configuration. These addresses are regional
-        # resources. Not currently available publicly. - `SHARED_LOADBALANCER_VIP` for
-        # an internal IP address that is assigned to multiple internal forwarding rules.
-        # - `PRIVATE_SERVICE_CONNECT` for a private network address that is used to
-        # configure Private Service Connect. Only global internal addresses can use this
-        # purpose.
+        # allocating addresses using automatic NAT IP address allocation. -
+        # IPSEC_INTERCONNECT for addresses created from a private IP range that are
+        # reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect*
+        # configuration. These addresses are regional resources. Not currently available
+        # publicly. - `SHARED_LOADBALANCER_VIP` for an internal IP address that is
+        # assigned to multiple internal forwarding rules. - `PRIVATE_SERVICE_CONNECT`
+        # for a private network address that is used to configure Private Service
+        # Connect. Only global internal addresses can use this purpose.
         # Corresponds to the JSON property `purpose`
         # @return [String]
         attr_accessor :purpose
@@ -1051,6 +1051,12 @@ module Google
         attr_accessor :enable_nested_virtualization
         alias_method :enable_nested_virtualization?, :enable_nested_virtualization
       
+        # Whether to enable UEFI networking for instance creation.
+        # Corresponds to the JSON property `enableUefiNetworking`
+        # @return [Boolean]
+        attr_accessor :enable_uefi_networking
+        alias_method :enable_uefi_networking?, :enable_uefi_networking
+      
         # The number of threads per physical core. To disable simultaneous
         # multithreading (SMT) set this to 1. If unset, the maximum number of threads
         # supported per core by the underlying processor is assumed.
@@ -1065,6 +1071,7 @@ module Google
         # Update properties of this object
         def update!(**args)
           @enable_nested_virtualization = args[:enable_nested_virtualization] if args.key?(:enable_nested_virtualization)
+          @enable_uefi_networking = args[:enable_uefi_networking] if args.key?(:enable_uefi_networking)
           @threads_per_core = args[:threads_per_core] if args.key?(:threads_per_core)
         end
       end
@@ -1315,7 +1322,8 @@ module Google
         # initializeParams.sourceSnapshot or disks.source is required except for local
         # SSD. If desired, you can also attach existing non-root persistent disks using
         # this property. This field is only applicable for persistent disks. Note that
-        # for InstanceTemplate, specify the disk name, not the URL for the disk.
+        # for InstanceTemplate, specify the disk name for zonal disk, and the URL for
+        # regional disk.
         # Corresponds to the JSON property `source`
         # @return [String]
         attr_accessor :source
@@ -1398,6 +1406,11 @@ module Google
         # @return [Hash<String,String>]
         attr_accessor :labels
       
+        # A list of publicly visible licenses. Reserved for Google's use.
+        # Corresponds to the JSON property `licenses`
+        # @return [Array<String>]
+        attr_accessor :licenses
+      
         # Specifies which action to take on instance update with this disk. Default is
         # to use the existing disk.
         # Corresponds to the JSON property `onUpdateAction`
@@ -1470,6 +1483,7 @@ module Google
           @disk_size_gb = args[:disk_size_gb] if args.key?(:disk_size_gb)
           @disk_type = args[:disk_type] if args.key?(:disk_type)
           @labels = args[:labels] if args.key?(:labels)
+          @licenses = args[:licenses] if args.key?(:licenses)
           @on_update_action = args[:on_update_action] if args.key?(:on_update_action)
           @provisioned_iops = args[:provisioned_iops] if args.key?(:provisioned_iops)
           @resource_policies = args[:resource_policies] if args.key?(:resource_policies)
@@ -2565,6 +2579,12 @@ module Google
         # @return [String]
         attr_accessor :description
       
+        # [Output Only] The resource URL for the edge security policy associated with
+        # this backend bucket.
+        # Corresponds to the JSON property `edgeSecurityPolicy`
+        # @return [String]
+        attr_accessor :edge_security_policy
+      
         # If true, enable Cloud CDN for this BackendBucket.
         # Corresponds to the JSON property `enableCdn`
         # @return [Boolean]
@@ -2607,6 +2627,7 @@ module Google
           @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
           @custom_response_headers = args[:custom_response_headers] if args.key?(:custom_response_headers)
           @description = args[:description] if args.key?(:description)
+          @edge_security_policy = args[:edge_security_policy] if args.key?(:edge_security_policy)
           @enable_cdn = args[:enable_cdn] if args.key?(:enable_cdn)
           @id = args[:id] if args.key?(:id)
           @kind = args[:kind] if args.key?(:kind)
@@ -2626,6 +2647,12 @@ module Google
         # @return [Array<Google::Apis::ComputeV1::BackendBucketCdnPolicyBypassCacheOnRequestHeader>]
         attr_accessor :bypass_cache_on_request_headers
       
+        # Message containing what to include in the cache key for a request for Cloud
+        # CDN.
+        # Corresponds to the JSON property `cacheKeyPolicy`
+        # @return [Google::Apis::ComputeV1::BackendBucketCdnPolicyCacheKeyPolicy]
+        attr_accessor :cache_key_policy
+      
         # Specifies the cache setting for all responses from this backend. The possible
         # values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching
         # headers to cache content. Responses without these headers will not be cached
@@ -2749,6 +2776,7 @@ module Google
         # Update properties of this object
         def update!(**args)
           @bypass_cache_on_request_headers = args[:bypass_cache_on_request_headers] if args.key?(:bypass_cache_on_request_headers)
+          @cache_key_policy = args[:cache_key_policy] if args.key?(:cache_key_policy)
           @cache_mode = args[:cache_mode] if args.key?(:cache_mode)
           @client_ttl = args[:client_ttl] if args.key?(:client_ttl)
           @default_ttl = args[:default_ttl] if args.key?(:default_ttl)
@@ -2784,6 +2812,34 @@ module Google
         end
       end
       
+      # Message containing what to include in the cache key for a request for Cloud
+      # CDN.
+      class BackendBucketCdnPolicyCacheKeyPolicy
+        include Google::Apis::Core::Hashable
+      
+        # Allows HTTP request headers (by name) to be used in the cache key.
+        # Corresponds to the JSON property `includeHttpHeaders`
+        # @return [Array<String>]
+        attr_accessor :include_http_headers
+      
+        # Names of query string parameters to include in cache keys. All other
+        # parameters will be excluded. '&' and '=' will be percent encoded and not
+        # treated as delimiters.
+        # Corresponds to the JSON property `queryStringWhitelist`
+        # @return [Array<String>]
+        attr_accessor :query_string_whitelist
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @include_http_headers = args[:include_http_headers] if args.key?(:include_http_headers)
+          @query_string_whitelist = args[:query_string_whitelist] if args.key?(:query_string_whitelist)
+        end
+      end
+      
       # Specify CDN TTLs for response error codes.
       class BackendBucketCdnPolicyNegativeCachingPolicy
         include Google::Apis::Core::Hashable
@@ -2977,6 +3033,11 @@ module Google
         # @return [Google::Apis::ComputeV1::ConnectionDraining]
         attr_accessor :connection_draining
       
+        # Connection Tracking configuration for this BackendService.
+        # Corresponds to the JSON property `connectionTrackingPolicy`
+        # @return [Google::Apis::ComputeV1::BackendServiceConnectionTrackingPolicy]
+        attr_accessor :connection_tracking_policy
+      
         # This message defines settings for a consistent hash style load balancer.
         # Corresponds to the JSON property `consistentHash`
         # @return [Google::Apis::ComputeV1::ConsistentHashLoadBalancerSettings]
@@ -3005,6 +3066,12 @@ module Google
         # @return [String]
         attr_accessor :description
       
+        # [Output Only] The resource URL for the edge security policy associated with
+        # this backend service.
+        # Corresponds to the JSON property `edgeSecurityPolicy`
+        # @return [String]
+        attr_accessor :edge_security_policy
+      
         # If true, enables Cloud CDN for the backend service of an external HTTP(S) load
         # balancer.
         # Corresponds to the JSON property `enableCDN`
@@ -3014,14 +3081,14 @@ module Google
       
         # For load balancers that have configurable failover: [Internal TCP/UDP Load
         # Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-
-        # overview) and [external TCP/UDP Load Balancing](/network/networklb-failover-
-        # overview). On failover or failback, this field indicates whether connection
-        # draining will be honored. Google Cloud has a fixed connection draining timeout
-        # of 10 minutes. A setting of true terminates existing TCP connections to the
-        # active pool during failover and failback, immediately draining traffic. A
-        # setting of false allows existing TCP connections to persist, even on VMs no
-        # longer in the active pool, for up to the duration of the connection draining
-        # timeout (10 minutes).
+        # overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-
+        # balancing/docs/network/networklb-failover-overview). On failover or failback,
+        # this field indicates whether connection draining will be honored. Google Cloud
+        # has a fixed connection draining timeout of 10 minutes. A setting of true
+        # terminates existing TCP connections to the active pool during failover and
+        # failback, immediately draining traffic. A setting of false allows existing TCP
+        # connections to persist, even on VMs no longer in the active pool, for up to
+        # the duration of the connection draining timeout (10 minutes).
         # Corresponds to the JSON property `failoverPolicy`
         # @return [Google::Apis::ComputeV1::BackendServiceFailoverPolicy]
         attr_accessor :failover_policy
@@ -3092,8 +3159,8 @@ module Google
         # INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme
         # set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field
         # is not set to MAGLEV or RING_HASH, session affinity settings will not take
-        # effect. Only the default ROUND_ROBIN policy is supported when the backend
-        # service is referenced by a URL map that is bound to target gRPC proxy that has
+        # effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service
+        # is referenced by a URL map that is bound to target gRPC proxy that has
         # validateForProxyless field set to true.
         # Corresponds to the JSON property `localityLbPolicy`
         # @return [String]
@@ -3186,11 +3253,11 @@ module Google
         # @return [String]
         attr_accessor :self_link
       
-        # Type of session affinity to use. The default is NONE. For a detailed
-        # description of session affinity options, see: [Session affinity](https://cloud.
-        # google.com/load-balancing/docs/backend-service#session_affinity). Not
-        # supported when the backend service is referenced by a URL map that is bound to
-        # target gRPC proxy that has validateForProxyless field set to true.
+        # Type of session affinity to use. The default is NONE. Only NONE and
+        # HEADER_FIELD are supported when the backend service is referenced by a URL map
+        # that is bound to target gRPC proxy that has validateForProxyless field set to
+        # true. For more details, see: [Session Affinity](https://cloud.google.com/load-
+        # balancing/docs/backend-service#session_affinity).
         # Corresponds to the JSON property `sessionAffinity`
         # @return [String]
         attr_accessor :session_affinity
@@ -3220,11 +3287,13 @@ module Google
           @cdn_policy = args[:cdn_policy] if args.key?(:cdn_policy)
           @circuit_breakers = args[:circuit_breakers] if args.key?(:circuit_breakers)
           @connection_draining = args[:connection_draining] if args.key?(:connection_draining)
+          @connection_tracking_policy = args[:connection_tracking_policy] if args.key?(:connection_tracking_policy)
           @consistent_hash = args[:consistent_hash] if args.key?(:consistent_hash)
           @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
           @custom_request_headers = args[:custom_request_headers] if args.key?(:custom_request_headers)
           @custom_response_headers = args[:custom_response_headers] if args.key?(:custom_response_headers)
           @description = args[:description] if args.key?(:description)
+          @edge_security_policy = args[:edge_security_policy] if args.key?(:edge_security_policy)
           @enable_cdn = args[:enable_cdn] if args.key?(:enable_cdn)
           @failover_policy = args[:failover_policy] if args.key?(:failover_policy)
           @fingerprint = args[:fingerprint] if args.key?(:fingerprint)
@@ -3581,16 +3650,76 @@ module Google
         end
       end
       
+      # Connection Tracking configuration for this BackendService.
+      class BackendServiceConnectionTrackingPolicy
+        include Google::Apis::Core::Hashable
+      
+        # Specifies connection persistence when backends are unhealthy. The default
+        # value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing
+        # connections persist on unhealthy backends only for connection-oriented
+        # protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (
+        # default tracking mode) or the Session Affinity is configured for 5-tuple. They
+        # do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes
+        # unhealthy, the existing connections on the unhealthy backend are never
+        # persisted on the unhealthy backend. They are always diverted to newly selected
+        # healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST,
+        # existing connections always persist on unhealthy backends regardless of
+        # protocol and session affinity. It is generally not recommended to use this
+        # mode overriding the default. For more details, see [Connection Persistence for
+        # Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/
+        # networklb-backend-service#connection-persistence) and [Connection Persistence
+        # for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/
+        # docs/internal#connection-persistence).
+        # Corresponds to the JSON property `connectionPersistenceOnUnhealthyBackends`
+        # @return [String]
+        attr_accessor :connection_persistence_on_unhealthy_backends
+      
+        # Specifies how long to keep a Connection Tracking entry while there is no
+        # matching traffic (in seconds). For Internal TCP/UDP Load Balancing: - The
+        # minimum (default) is 10 minutes and the maximum is 16 hours. - It can be set
+        # only if Connection Tracking is less than 5-tuple (i.e. Session Affinity is
+        # CLIENT_IP_NO_DESTINATION, CLIENT_IP or CLIENT_IP_PROTO, and Tracking Mode is
+        # PER_SESSION). For Network Load Balancer the default is 60 seconds. This option
+        # is not available publicly.
+        # Corresponds to the JSON property `idleTimeoutSec`
+        # @return [Fixnum]
+        attr_accessor :idle_timeout_sec
+      
+        # Specifies the key used for connection tracking. There are two options: -
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed
+        # as per the Connection Key (default Hash Method) for the specific protocol. -
+        # PER_SESSION: The Connection Tracking is performed as per the configured
+        # Session Affinity. It matches the configured Session Affinity. For more details,
+        # see [Tracking Mode for Network Load Balancing](https://cloud.google.com/load-
+        # balancing/docs/network/networklb-backend-service#tracking-mode) and [Tracking
+        # Mode for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-
+        # balancing/docs/internal#tracking-mode).
+        # Corresponds to the JSON property `trackingMode`
+        # @return [String]
+        attr_accessor :tracking_mode
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @connection_persistence_on_unhealthy_backends = args[:connection_persistence_on_unhealthy_backends] if args.key?(:connection_persistence_on_unhealthy_backends)
+          @idle_timeout_sec = args[:idle_timeout_sec] if args.key?(:idle_timeout_sec)
+          @tracking_mode = args[:tracking_mode] if args.key?(:tracking_mode)
+        end
+      end
+      
       # For load balancers that have configurable failover: [Internal TCP/UDP Load
       # Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-
-      # overview) and [external TCP/UDP Load Balancing](/network/networklb-failover-
-      # overview). On failover or failback, this field indicates whether connection
-      # draining will be honored. Google Cloud has a fixed connection draining timeout
-      # of 10 minutes. A setting of true terminates existing TCP connections to the
-      # active pool during failover and failback, immediately draining traffic. A
-      # setting of false allows existing TCP connections to persist, even on VMs no
-      # longer in the active pool, for up to the duration of the connection draining
-      # timeout (10 minutes).
+      # overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-
+      # balancing/docs/network/networklb-failover-overview). On failover or failback,
+      # this field indicates whether connection draining will be honored. Google Cloud
+      # has a fixed connection draining timeout of 10 minutes. A setting of true
+      # terminates existing TCP connections to the active pool during failover and
+      # failback, immediately draining traffic. A setting of false allows existing TCP
+      # connections to persist, even on VMs no longer in the active pool, for up to
+      # the duration of the connection draining timeout (10 minutes).
       class BackendServiceFailoverPolicy
         include Google::Apis::Core::Hashable
       
@@ -3605,8 +3734,9 @@ module Google
         # distributed among all primary VMs when all primary and all backup backend VMs
         # are unhealthy. For load balancers that have configurable failover: [Internal
         # TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/
-        # failover-overview) and [external TCP/UDP Load Balancing](/network/networklb-
-        # failover-overview). The default is false.
+        # failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.
+        # com/load-balancing/docs/network/networklb-failover-overview). The default is
+        # false.
         # Corresponds to the JSON property `dropTrafficIfUnhealthy`
         # @return [Boolean]
         attr_accessor :drop_traffic_if_unhealthy
@@ -3618,7 +3748,8 @@ module Google
         # the total number of healthy primary VMs is less than this ratio. For load
         # balancers that have configurable failover: [Internal TCP/UDP Load Balancing](
         # https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [
-        # external TCP/UDP Load Balancing](/network/networklb-failover-overview).
+        # external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/
+        # network/networklb-failover-overview).
         # Corresponds to the JSON property `failoverRatio`
         # @return [Float]
         attr_accessor :failover_ratio
@@ -4219,7 +4350,7 @@ module Google
         end
       end
       
-      # Associates `members` with a `role`.
+      # Associates `members`, or principals, with a `role`.
       class Binding
         include Google::Apis::Core::Hashable
       
@@ -4247,7 +4378,7 @@ module Google
         # @return [Google::Apis::ComputeV1::Expr]
         attr_accessor :condition
       
-        # Specifies the identities requesting access for a Cloud Platform resource. `
+        # Specifies the principals requesting access for a Cloud Platform resource. `
         # members` can have the following values: * `allUsers`: A special identifier
         # that represents anyone who is on the internet; with or without a Google
         # account. * `allAuthenticatedUsers`: A special identifier that represents
@@ -4277,8 +4408,8 @@ module Google
         # @return [Array<String>]
         attr_accessor :members
       
-        # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`
-        # , or `roles/owner`.
+        # Role that is assigned to the list of `members`, or principals. For example, `
+        # roles/viewer`, `roles/editor`, or `roles/owner`.
         # Corresponds to the JSON property `role`
         # @return [String]
         attr_accessor :role
@@ -4432,6 +4563,17 @@ module Google
         attr_accessor :include_host
         alias_method :include_host?, :include_host
       
+        # Allows HTTP request headers (by name) to be used in the cache key.
+        # Corresponds to the JSON property `includeHttpHeaders`
+        # @return [Array<String>]
+        attr_accessor :include_http_headers
+      
+        # Allows HTTP cookies (by name) to be used in the cache key. The name=value pair
+        # will be used in the cache key Cloud CDN generates.
+        # Corresponds to the JSON property `includeNamedCookies`
+        # @return [Array<String>]
+        attr_accessor :include_named_cookies
+      
         # If true, http and https requests will be cached separately.
         # Corresponds to the JSON property `includeProtocol`
         # @return [Boolean]
@@ -4470,6 +4612,8 @@ module Google
         # Update properties of this object
         def update!(**args)
           @include_host = args[:include_host] if args.key?(:include_host)
+          @include_http_headers = args[:include_http_headers] if args.key?(:include_http_headers)
+          @include_named_cookies = args[:include_named_cookies] if args.key?(:include_named_cookies)
           @include_protocol = args[:include_protocol] if args.key?(:include_protocol)
           @include_query_string = args[:include_query_string] if args.key?(:include_query_string)
           @query_string_blacklist = args[:query_string_blacklist] if args.key?(:query_string_blacklist)
@@ -4534,6 +4678,16 @@ module Google
       class Commitment
         include Google::Apis::Core::Hashable
       
+        # Specifies whether to enable automatic renewal for the commitment. The default
+        # value is false if not specified. The field can be updated until the day of the
+        # commitment expiration at 12:00am PST. If the field is set to true, the
+        # commitment will be automatically renewed for either one or three years
+        # according to the terms of the existing commitment.
+        # Corresponds to the JSON property `autoRenew`
+        # @return [Boolean]
+        attr_accessor :auto_renew
+        alias_method :auto_renew?, :auto_renew
+      
         # The category of the commitment. Category MACHINE specifies commitments
         # composed of machine resources such as VCPU or MEMORY, listed in resources.
         # Category LICENSE specifies commitments composed of software licenses, listed
@@ -4644,6 +4798,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @auto_renew = args[:auto_renew] if args.key?(:auto_renew)
           @category = args[:category] if args.key?(:category)
           @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
           @description = args[:description] if args.key?(:description)
@@ -5152,14 +5307,15 @@ module Google
         end
       end
       
-      # The specification for allowing client side cross-origin requests. Please see
-      # W3C Recommendation for Cross Origin Resource Sharing
+      # The specification for allowing client-side cross-origin requests. For more
+      # information about the W3C recommendation for cross-origin resource sharing (
+      # CORS), see Fetch API Living Standard.
       class CorsPolicy
         include Google::Apis::Core::Hashable
       
         # In response to a preflight request, setting this to true indicates that the
-        # actual request can include user credentials. This translates to the Access-
-        # Control-Allow-Credentials header. Default is false.
+        # actual request can include user credentials. This field translates to the
+        # Access-Control-Allow-Credentials header. Default is false.
         # Corresponds to the JSON property `allowCredentials`
         # @return [Boolean]
         attr_accessor :allow_credentials
@@ -5175,23 +5331,23 @@ module Google
         # @return [Array<String>]
         attr_accessor :allow_methods
       
-        # Specifies the regualar expression patterns that match allowed origins. For
-        # regular expression grammar please see github.com/google/re2/wiki/Syntax An
-        # origin is allowed if it matches either an item in allowOrigins or an item in
+        # Specifies a regular expression that matches allowed origins. For more
+        # information about the regular expression syntax, see Syntax. An origin is
+        # allowed if it matches either an item in allowOrigins or an item in
         # allowOriginRegexes.
         # Corresponds to the JSON property `allowOriginRegexes`
         # @return [Array<String>]
         attr_accessor :allow_origin_regexes
       
-        # Specifies the list of origins that will be allowed to do CORS requests. An
-        # origin is allowed if it matches either an item in allowOrigins or an item in
+        # Specifies the list of origins that is allowed to do CORS requests. An origin
+        # is allowed if it matches either an item in allowOrigins or an item in
         # allowOriginRegexes.
         # Corresponds to the JSON property `allowOrigins`
         # @return [Array<String>]
         attr_accessor :allow_origins
       
-        # If true, specifies the CORS policy is disabled. The default value of false,
-        # which indicates that the CORS policy is in effect.
+        # If true, the setting specifies the CORS policy is disabled. The default value
+        # of false, which indicates that the CORS policy is in effect.
         # Corresponds to the JSON property `disabled`
         # @return [Boolean]
         attr_accessor :disabled
@@ -5203,7 +5359,7 @@ module Google
         attr_accessor :expose_headers
       
         # Specifies how long results of a preflight request can be cached in seconds.
-        # This translates to the Access-Control-Max-Age header.
+        # This field translates to the Access-Control-Max-Age header.
         # Corresponds to the JSON property `maxAge`
         # @return [Fixnum]
         attr_accessor :max_age
@@ -8337,8 +8493,7 @@ module Google
         attr_accessor :self_link
       
         # Service Directory resources to register this forwarding rule with. Currently,
-        # only supports a single Service Directory resource. It is only supported for
-        # internal load balancing.
+        # only supports a single Service Directory resource.
         # Corresponds to the JSON property `serviceDirectoryRegistrations`
         # @return [Array<Google::Apis::ComputeV1::ForwardingRuleServiceDirectoryRegistration>]
         attr_accessor :service_directory_registrations
@@ -8909,31 +9064,31 @@ module Google
       
         # An Identity and Access Management (IAM) policy, which specifies access
         # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
-        # A `binding` binds one or more `members` to a single `role`. Members can be
-        # user accounts, service accounts, Google groups, and domains (such as G Suite).
-        # A `role` is a named list of permissions; each `role` can be an IAM predefined
-        # role or a user-created custom role. For some types of Google Cloud resources,
-        # a `binding` can also specify a `condition`, which is a logical expression that
-        # allows access to a resource only if the expression evaluates to `true`. A
-        # condition can add constraints based on attributes of the request, the resource,
-        # or both. To learn which resources support conditions in their IAM policies,
-        # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
-        # resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
-        # resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
-        # group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
-        # appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
-        # organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
-        # title": "expirable access", "description": "Does not grant access after Sep
-        # 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
-        # ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
-        # members: - user:mike@example.com - group:admins@example.com - domain:google.
-        # com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
-        # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
-        # roles/resourcemanager.organizationViewer condition: title: expirable access
-        # description: Does not grant access after Sep 2020 expression: request.time <
-        # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
-        # description of IAM and its features, see the [IAM documentation](https://cloud.
-        # google.com/iam/docs/).
+        # A `binding` binds one or more `members`, or principals, to a single `role`.
+        # Principals can be user accounts, service accounts, Google groups, and domains (
+        # such as G Suite). A `role` is a named list of permissions; each `role` can be
+        # an IAM predefined role or a user-created custom role. For some types of Google
+        # Cloud resources, a `binding` can also specify a `condition`, which is a
+        # logical expression that allows access to a resource only if the expression
+        # evaluates to `true`. A condition can add constraints based on attributes of
+        # the request, the resource, or both. To learn which resources support
+        # conditions in their IAM policies, see the [IAM documentation](https://cloud.
+        # google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
+        # bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
+        # "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
+        # serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
+        # roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
+        # ], "condition": ` "title": "expirable access", "description": "Does not grant
+        # access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
+        # 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
+        # bindings: - members: - user:mike@example.com - group:admins@example.com -
+        # domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
+        # role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
+        # com role: roles/resourcemanager.organizationViewer condition: title: expirable
+        # access description: Does not grant access after Sep 2020 expression: request.
+        # time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
+        # a description of IAM and its features, see the [IAM documentation](https://
+        # cloud.google.com/iam/docs/).
         # Corresponds to the JSON property `policy`
         # @return [Google::Apis::ComputeV1::Policy]
         attr_accessor :policy
@@ -9006,31 +9161,31 @@ module Google
       
         # An Identity and Access Management (IAM) policy, which specifies access
         # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
-        # A `binding` binds one or more `members` to a single `role`. Members can be
-        # user accounts, service accounts, Google groups, and domains (such as G Suite).
-        # A `role` is a named list of permissions; each `role` can be an IAM predefined
-        # role or a user-created custom role. For some types of Google Cloud resources,
-        # a `binding` can also specify a `condition`, which is a logical expression that
-        # allows access to a resource only if the expression evaluates to `true`. A
-        # condition can add constraints based on attributes of the request, the resource,
-        # or both. To learn which resources support conditions in their IAM policies,
-        # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
-        # resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
-        # resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
-        # group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
-        # appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
-        # organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
-        # title": "expirable access", "description": "Does not grant access after Sep
-        # 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
-        # ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
-        # members: - user:mike@example.com - group:admins@example.com - domain:google.
-        # com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
-        # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
-        # roles/resourcemanager.organizationViewer condition: title: expirable access
-        # description: Does not grant access after Sep 2020 expression: request.time <
-        # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
-        # description of IAM and its features, see the [IAM documentation](https://cloud.
-        # google.com/iam/docs/).
+        # A `binding` binds one or more `members`, or principals, to a single `role`.
+        # Principals can be user accounts, service accounts, Google groups, and domains (
+        # such as G Suite). A `role` is a named list of permissions; each `role` can be
+        # an IAM predefined role or a user-created custom role. For some types of Google
+        # Cloud resources, a `binding` can also specify a `condition`, which is a
+        # logical expression that allows access to a resource only if the expression
+        # evaluates to `true`. A condition can add constraints based on attributes of
+        # the request, the resource, or both. To learn which resources support
+        # conditions in their IAM policies, see the [IAM documentation](https://cloud.
+        # google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
+        # bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
+        # "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
+        # serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
+        # roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
+        # ], "condition": ` "title": "expirable access", "description": "Does not grant
+        # access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
+        # 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
+        # bindings: - members: - user:mike@example.com - group:admins@example.com -
+        # domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
+        # role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
+        # com role: roles/resourcemanager.organizationViewer condition: title: expirable
+        # access description: Does not grant access after Sep 2020 expression: request.
+        # time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
+        # a description of IAM and its features, see the [IAM documentation](https://
+        # cloud.google.com/iam/docs/).
         # Corresponds to the JSON property `policy`
         # @return [Google::Apis::ComputeV1::Policy]
         attr_accessor :policy
@@ -9152,8 +9307,11 @@ module Google
       class GuestOsFeature
         include Google::Apis::Core::Hashable
       
-        # The ID of a supported feature. Read Enabling guest operating system features
-        # to see a list of available options.
+        # The ID of a supported feature. To add multiple values, use commas to separate
+        # values. Set to one or more of the following values: - VIRTIO_SCSI_MULTIQUEUE -
+        # WINDOWS - MULTI_IP_SUBNET - UEFI_COMPATIBLE - SECURE_BOOT - GVNIC -
+        # SEV_CAPABLE - SUSPEND_RESUME_COMPATIBLE For more information, see Enabling
+        # guest operating system features.
         # Corresponds to the JSON property `type`
         # @return [String]
         attr_accessor :type
@@ -9487,8 +9645,8 @@ module Google
         attr_accessor :timeout_sec
       
         # Specifies the type of the healthCheck, either TCP, SSL, HTTP, HTTPS or HTTP2.
-        # If not specified, the default is TCP. Exactly one of the protocol-specific
-        # health check field must be specified, which must match type field.
+        # Exactly one of the protocol-specific health check field must be specified,
+        # which must match type field.
         # Corresponds to the JSON property `type`
         # @return [String]
         attr_accessor :type
@@ -10301,7 +10459,8 @@ module Google
         # port numbers in the format host:port. * matches any string of ([a-z0-9-.]*).
         # In that case, * must be the first character and must be followed in the
         # pattern by either - or .. * based matching is not supported when the URL map
-        # is bound to target gRPC proxy that has validateForProxyless field set to true.
+        # is bound to a target gRPC proxy that has the validateForProxyless field set to
+        # true.
         # Corresponds to the JSON property `hosts`
         # @return [Array<String>]
         attr_accessor :hosts
@@ -10328,8 +10487,8 @@ module Google
       class HttpFaultAbort
         include Google::Apis::Core::Hashable
       
-        # The HTTP status code used to abort the request. The value must be between 200
-        # and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP
+        # The HTTP status code used to abort the request. The value must be from 200 to
+        # 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP
         # status code according to this mapping table. HTTP status 200 is mapped to gRPC
         # status UNKNOWN. Injecting an OK status is currently not supported by Traffic
         # Director.
@@ -10337,8 +10496,8 @@ module Google
         # @return [Fixnum]
         attr_accessor :http_status
       
-        # The percentage of traffic (connections/operations/requests) which will be
-        # aborted as part of fault injection. The value must be between 0.0 and 100.0
+        # The percentage of traffic for connections, operations, or requests that is
+        # aborted as part of fault injection. The value must be from 0.0 to 100.0
         # inclusive.
         # Corresponds to the JSON property `percentage`
         # @return [Float]
@@ -10355,8 +10514,8 @@ module Google
         end
       end
       
-      # Specifies the delay introduced by Loadbalancer before forwarding the request
-      # to the backend service as part of fault injection.
+      # Specifies the delay introduced by the load balancer before forwarding the
+      # request to the backend service as part of fault injection.
       class HttpFaultDelay
         include Google::Apis::Core::Hashable
       
@@ -10368,9 +10527,9 @@ module Google
         # @return [Google::Apis::ComputeV1::Duration]
         attr_accessor :fixed_delay
       
-        # The percentage of traffic (connections/operations/requests) on which delay
-        # will be introduced as part of fault injection. The value must be between 0.0
-        # and 100.0 inclusive.
+        # The percentage of traffic for connections, operations, or requests for which a
+        # delay is introduced as part of fault injection. The value must be from 0.0 to
+        # 100.0 inclusive.
         # Corresponds to the JSON property `percentage`
         # @return [Float]
         attr_accessor :percentage
@@ -10389,9 +10548,9 @@ module Google
       # The specification for fault injection introduced into traffic to test the
       # resiliency of clients to backend service failure. As part of fault injection,
       # when clients send requests to a backend service, delays can be introduced by
-      # Loadbalancer on a percentage of requests before sending those request to the
-      # backend service. Similarly requests from clients can be aborted by the
-      # Loadbalancer for a percentage of requests.
+      # the load balancer on a percentage of requests before sending those request to
+      # the backend service. Similarly requests from clients can be aborted by the
+      # load balancer for a percentage of requests.
       class HttpFaultInjection
         include Google::Apis::Core::Hashable
       
@@ -10400,8 +10559,8 @@ module Google
         # @return [Google::Apis::ComputeV1::HttpFaultAbort]
         attr_accessor :abort
       
-        # Specifies the delay introduced by Loadbalancer before forwarding the request
-        # to the backend service as part of fault injection.
+        # Specifies the delay introduced by the load balancer before forwarding the
+        # request to the backend service as part of fault injection.
         # Corresponds to the JSON property `delay`
         # @return [Google::Apis::ComputeV1::HttpFaultDelay]
         attr_accessor :delay
@@ -10422,25 +10581,25 @@ module Google
       class HttpHeaderAction
         include Google::Apis::Core::Hashable
       
-        # Headers to add to a matching request prior to forwarding the request to the
+        # Headers to add to a matching request before forwarding the request to the
         # backendService.
         # Corresponds to the JSON property `requestHeadersToAdd`
         # @return [Array<Google::Apis::ComputeV1::HttpHeaderOption>]
         attr_accessor :request_headers_to_add
       
         # A list of header names for headers that need to be removed from the request
-        # prior to forwarding the request to the backendService.
+        # before forwarding the request to the backendService.
         # Corresponds to the JSON property `requestHeadersToRemove`
         # @return [Array<String>]
         attr_accessor :request_headers_to_remove
       
-        # Headers to add the response prior to sending the response back to the client.
+        # Headers to add the response before sending the response back to the client.
         # Corresponds to the JSON property `responseHeadersToAdd`
         # @return [Array<Google::Apis::ComputeV1::HttpHeaderOption>]
         attr_accessor :response_headers_to_add
       
         # A list of header names for headers that need to be removed from the response
-        # prior to sending the response back to the client.
+        # before sending the response back to the client.
         # Corresponds to the JSON property `responseHeadersToRemove`
         # @return [Array<String>]
         attr_accessor :response_headers_to_remove
@@ -10470,21 +10629,21 @@ module Google
       
         # The name of the HTTP header to match. For matching against the HTTP request's
         # authority, use a headerMatch with the header name ":authority". For matching a
-        # request's method, use the headerName ":method". When the URL map is bound to
-        # target gRPC proxy that has validateForProxyless field set to true, only non-
-        # binary user-specified custom metadata and the `content-type` header are
+        # request's method, use the headerName ":method". When the URL map is bound to a
+        # target gRPC proxy that has the validateForProxyless field set to true, only
+        # non-binary user-specified custom metadata and the `content-type` header are
         # supported. The following transport-level headers cannot be used in header
         # matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `
         # accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`,
         # `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-
-        # bin.
+        # bin`.
         # Corresponds to the JSON property `headerName`
         # @return [String]
         attr_accessor :header_name
       
-        # If set to false, the headerMatch is considered a match if the match criteria
-        # above are met. If set to true, the headerMatch is considered a match if the
-        # match criteria above are NOT met. The default setting is false.
+        # If set to false, the headerMatch is considered a match if the preceding match
+        # criteria are met. If set to true, the headerMatch is considered a match if the
+        # preceding match criteria are NOT met. The default setting is false.
         # Corresponds to the JSON property `invertMatch`
         # @return [Boolean]
         attr_accessor :invert_match
@@ -10512,13 +10671,13 @@ module Google
         attr_accessor :range_match
       
         # The value of the header must match the regular expression specified in
-        # regexMatch. For regular expression grammar, please see: github.com/google/re2/
-        # wiki/Syntax For matching against a port specified in the HTTP request, use a
-        # headerMatch with headerName set to PORT and a regular expression that
-        # satisfies the RFC2616 Host header's port specifier. Only one of exactMatch,
-        # prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-        # Note that regexMatch only applies to Loadbalancers that have their
-        # loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # regexMatch. For more information about regular expression syntax, see Syntax.
+        # For matching against a port specified in the HTTP request, use a headerMatch
+        # with headerName set to PORT and a regular expression that satisfies the
+        # RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch,
+        # suffixMatch, regexMatch, presentMatch or rangeMatch must be set. regexMatch
+        # only applies to load balancers that have loadBalancingScheme set to
+        # INTERNAL_SELF_MANAGED.
         # Corresponds to the JSON property `regexMatch`
         # @return [String]
         attr_accessor :regex_match
@@ -10813,8 +10972,8 @@ module Google
         include Google::Apis::Core::Hashable
       
         # The queryParameterMatch matches if the value of the parameter exactly matches
-        # the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch
-        # must be set.
+        # the contents of exactMatch. Only one of presentMatch, exactMatch, or
+        # regexMatch must be set.
         # Corresponds to the JSON property `exactMatch`
         # @return [String]
         attr_accessor :exact_match
@@ -10827,17 +10986,17 @@ module Google
       
         # Specifies that the queryParameterMatch matches if the request contains the
         # query parameter, irrespective of whether the parameter has a value or not.
-        # Only one of presentMatch, exactMatch or regexMatch must be set.
+        # Only one of presentMatch, exactMatch, or regexMatch must be set.
         # Corresponds to the JSON property `presentMatch`
         # @return [Boolean]
         attr_accessor :present_match
         alias_method :present_match?, :present_match
       
         # The queryParameterMatch matches if the value of the parameter matches the
-        # regular expression specified by regexMatch. For the regular expression grammar,
-        # please see github.com/google/re2/wiki/Syntax Only one of presentMatch,
-        # exactMatch or regexMatch must be set. Note that regexMatch only applies when
-        # the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+        # regular expression specified by regexMatch. For more information about regular
+        # expression syntax, see Syntax. Only one of presentMatch, exactMatch, or
+        # regexMatch must be set. regexMatch only applies when the loadBalancingScheme
+        # is set to INTERNAL_SELF_MANAGED.
         # Corresponds to the JSON property `regexMatch`
         # @return [String]
         attr_accessor :regex_match
@@ -10859,15 +11018,15 @@ module Google
       class HttpRedirectAction
         include Google::Apis::Core::Hashable
       
-        # The host that will be used in the redirect response instead of the one that
-        # was supplied in the request. The value must be between 1 and 255 characters.
+        # The host that is used in the redirect response instead of the one that was
+        # supplied in the request. The value must be from 1 to 255 characters.
         # Corresponds to the JSON property `hostRedirect`
         # @return [String]
         attr_accessor :host_redirect
       
-        # If set to true, the URL scheme in the redirected request is set to https. If
-        # set to false, the URL scheme of the redirected request will remain the same as
-        # that of the request. This must only be set for UrlMaps used in
+        # If set to true, the URL scheme in the redirected request is set to HTTPS. If
+        # set to false, the URL scheme of the redirected request remains the same as
+        # that of the request. This must only be set for URL maps used in
         # TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The
         # default is set to false.
         # Corresponds to the JSON property `httpsRedirect`
@@ -10875,11 +11034,11 @@ module Google
         attr_accessor :https_redirect
         alias_method :https_redirect?, :https_redirect
       
-        # The path that will be used in the redirect response instead of the one that
-        # was supplied in the request. pathRedirect cannot be supplied together with
+        # The path that is used in the redirect response instead of the one that was
+        # supplied in the request. pathRedirect cannot be supplied together with
         # prefixRedirect. Supply one alone or neither. If neither is supplied, the path
-        # of the original request will be used for the redirect. The value must be
-        # between 1 and 1024 characters.
+        # of the original request is used for the redirect. The value must be from 1 to
+        # 1024 characters.
         # Corresponds to the JSON property `pathRedirect`
         # @return [String]
         attr_accessor :path_redirect
@@ -10887,8 +11046,8 @@ module Google
         # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch,
         # retaining the remaining portion of the URL before redirecting the request.
         # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone
-        # or neither. If neither is supplied, the path of the original request will be
-        # used for the redirect. The value must be between 1 and 1024 characters.
+        # or neither. If neither is supplied, the path of the original request is used
+        # for the redirect. The value must be from 1 to 1024 characters.
         # Corresponds to the JSON property `prefixRedirect`
         # @return [String]
         attr_accessor :prefix_redirect
@@ -10897,14 +11056,14 @@ module Google
         # MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. -
         # FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. -
         # TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method
-        # will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case,
-        # the request method will be retained.
+        # is retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the
+        # request method is retained.
         # Corresponds to the JSON property `redirectResponseCode`
         # @return [String]
         attr_accessor :redirect_response_code
       
         # If set to true, any accompanying query portion of the original URL is removed
-        # prior to redirecting the request. If set to false, the query portion of the
+        # before redirecting the request. If set to false, the query portion of the
         # original URL is retained. The default is set to false.
         # Corresponds to the JSON property `stripQuery`
         # @return [Boolean]
@@ -10945,25 +11104,27 @@ module Google
         attr_accessor :per_try_timeout
       
         # Specifies one or more conditions when this retry policy applies. Valid values
-        # are: - 5xx: Retry will be attempted if the instance or endpoint responds with
-        # any 5xx response code, or if the instance or endpoint does not respond at all,
-        # example: disconnects, reset, read timeout, connection failure, and refused
+        # are: - 5xx: retry is attempted if the instance or endpoint responds with any
+        # 5xx response code, or if the instance or endpoint does not respond at all. For
+        # example, disconnects, reset, read timeout, connection failure, and refused
         # streams. - gateway-error: Similar to 5xx, but only applies to response codes
-        # 502, 503 or 504. - - connect-failure: A retry will be attempted on failures
-        # connecting to the instance or endpoint, for example due to connection timeouts.
-        # - retriable-4xx: A retry will be attempted if the instance or endpoint
-        # responds with a retriable 4xx response code. Currently the only retriable
-        # error supported is 409. - refused-stream: A retry will be attempted if the
-        # instance or endpoint resets the stream with a REFUSED_STREAM error code. This
-        # reset type indicates that it is safe to retry. - cancelled: A retry will be
-        # attempted if the gRPC status code in the response header is set to cancelled. -
-        # deadline-exceeded: A retry will be attempted if the gRPC status code in the
-        # response header is set to deadline-exceeded. - internal: A retry will be
-        # attempted if the gRPC status code in the response header is set to internal. -
-        # resource-exhausted: A retry will be attempted if the gRPC status code in the
-        # response header is set to resource-exhausted. - unavailable: A retry will be
-        # attempted if the gRPC status code in the response header is set to unavailable.
-        # 
+        # 502, 503 or 504. - connect-failure: a retry is attempted on failures
+        # connecting to the instance or endpoint. For example, connection timeouts. -
+        # retriable-4xx: a retry is attempted if the instance or endpoint responds with
+        # a 4xx response code. The only error that you can retry is error code 409. -
+        # refused-stream: a retry is attempted if the instance or endpoint resets the
+        # stream with a REFUSED_STREAM error code. This reset type indicates that it is
+        # safe to retry. - cancelled: a retry is attempted if the gRPC status code in
+        # the response header is set to cancelled. - deadline-exceeded: a retry is
+        # attempted if the gRPC status code in the response header is set to deadline-
+        # exceeded. - internal: a retry is attempted if the gRPC status code in the
+        # response header is set to internal. - resource-exhausted: a retry is attempted
+        # if the gRPC status code in the response header is set to resource-exhausted. -
+        # unavailable: a retry is attempted if the gRPC status code in the response
+        # header is set to unavailable. Only the following codes are supported when the
+        # URL map is bound to target gRPC proxy that has validateForProxyless field set
+        # to true. - cancelled - deadline-exceeded - internal - resource-exhausted -
+        # unavailable
         # Corresponds to the JSON property `retryConditions`
         # @return [Array<String>]
         attr_accessor :retry_conditions
@@ -10984,8 +11145,9 @@ module Google
       class HttpRouteAction
         include Google::Apis::Core::Hashable
       
-        # The specification for allowing client side cross-origin requests. Please see
-        # W3C Recommendation for Cross Origin Resource Sharing
+        # The specification for allowing client-side cross-origin requests. For more
+        # information about the W3C recommendation for cross-origin resource sharing (
+        # CORS), see Fetch API Living Standard.
         # Corresponds to the JSON property `corsPolicy`
         # @return [Google::Apis::ComputeV1::CorsPolicy]
         attr_accessor :cors_policy
@@ -10993,9 +11155,9 @@ module Google
         # The specification for fault injection introduced into traffic to test the
         # resiliency of clients to backend service failure. As part of fault injection,
         # when clients send requests to a backend service, delays can be introduced by
-        # Loadbalancer on a percentage of requests before sending those request to the
-        # backend service. Similarly requests from clients can be aborted by the
-        # Loadbalancer for a percentage of requests.
+        # the load balancer on a percentage of requests before sending those request to
+        # the backend service. Similarly requests from clients can be aborted by the
+        # load balancer for a percentage of requests.
         # Corresponds to the JSON property `faultInjectionPolicy`
         # @return [Google::Apis::ComputeV1::HttpFaultInjection]
         attr_accessor :fault_injection_policy
@@ -11009,9 +11171,9 @@ module Google
         attr_accessor :max_stream_duration
       
         # A policy that specifies how requests intended for the route's backends are
-        # shadowed to a separate mirrored backend service. Loadbalancer does not wait
-        # for responses from the shadow service. Prior to sending traffic to the shadow
-        # service, the host / authority header is suffixed with -shadow.
+        # shadowed to a separate mirrored backend service. The load balancer doesn't
+        # wait for responses from the shadow service. Before sending traffic to the
+        # shadow service, the host or authority header is suffixed with -shadow.
         # Corresponds to the JSON property `requestMirrorPolicy`
         # @return [Google::Apis::ComputeV1::RequestMirrorPolicy]
         attr_accessor :request_mirror_policy
@@ -11039,7 +11201,7 @@ module Google
         # occurs. The weights determine the fraction of traffic that flows to their
         # corresponding backend service. If all traffic needs to go to a single backend
         # service, there must be one weightedBackendService with weight set to a non-
-        # zero number. Once a backendService is identified and before forwarding the
+        # zero number. After a backend service is identified and before forwarding the
         # request to the backend service, advanced routing actions such as URL rewrites
         # and header transformations are applied depending on additional settings
         # specified in this HttpRouteAction.
@@ -11064,8 +11226,8 @@ module Google
         end
       end
       
-      # An HttpRouteRule specifies how to match an HTTP request and the corresponding
-      # routing action that load balancing proxies will perform.
+      # The HttpRouteRule setting specifies how to match an HTTP request and the
+      # corresponding routing action that load balancing proxies perform.
       class HttpRouteRule
         include Google::Apis::Core::Hashable
       
@@ -11091,11 +11253,11 @@ module Google
         attr_accessor :match_rules
       
         # For routeRules within a given pathMatcher, priority determines the order in
-        # which load balancer will interpret routeRules. RouteRules are evaluated in
-        # order of priority, from the lowest to highest number. The priority of a rule
+        # which a load balancer interprets routeRules. RouteRules are evaluated in order
+        # of priority, from the lowest to highest number. The priority of a rule
         # decreases as its number increases (1, 2, 3, N+1). The first rule that matches
         # the request is applied. You cannot configure two or more routeRules with the
-        # same priority. Priority for each rule must be set to a number between 0 and
+        # same priority. Priority for each rule must be set to a number from 0 to
         # 2147483647 inclusive. Priority numbers can have gaps, which enable you to add
         # or remove rules in the future without affecting the rest of the rules. For
         # example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to
@@ -11106,24 +11268,24 @@ module Google
         attr_accessor :priority
       
         # In response to a matching matchRule, the load balancer performs advanced
-        # routing actions like URL rewrites, header transformations, etc. prior to
+        # routing actions, such as URL rewrites and header transformations, before
         # forwarding the request to the selected backend. If routeAction specifies any
         # weightedBackendServices, service must not be set. Conversely if service is set,
         # routeAction cannot contain any weightedBackendServices. Only one of
         # urlRedirect, service or routeAction.weightedBackendService must be set.
         # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action
-        # within a routeRule's routeAction.
+        # within a route rule's routeAction.
         # Corresponds to the JSON property `routeAction`
         # @return [Google::Apis::ComputeV1::HttpRouteAction]
         attr_accessor :route_action
       
         # The full or partial URL of the backend service resource to which traffic is
-        # directed if this rule is matched. If routeAction is additionally specified,
-        # advanced routing actions like URL Rewrites, etc. take effect prior to sending
-        # the request to the backend. However, if service is specified, routeAction
-        # cannot contain any weightedBackendService s. Conversely, if routeAction
-        # specifies any weightedBackendServices, service must not be specified. Only one
-        # of urlRedirect, service or routeAction.weightedBackendService must be set.
+        # directed if this rule is matched. If routeAction is also specified, advanced
+        # routing actions, such as URL rewrites, take effect before sending the request
+        # to the backend. However, if service is specified, routeAction cannot contain
+        # any weightedBackendServices. Conversely, if routeAction specifies any
+        # weightedBackendServices, service must not be specified. Only one of
+        # urlRedirect, service or routeAction.weightedBackendService must be set.
         # Corresponds to the JSON property `service`
         # @return [String]
         attr_accessor :service
@@ -11156,9 +11318,9 @@ module Google
       
         # For satisfying the matchRule condition, the path of the request must exactly
         # match the value specified in fullPathMatch after removing any query parameters
-        # and anchor that may be part of the original URL. fullPathMatch must be between
-        # 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch
-        # must be specified.
+        # and anchor that may be part of the original URL. fullPathMatch must be from 1
+        # to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must
+        # be specified.
         # Corresponds to the JSON property `fullPathMatch`
         # @return [String]
         attr_accessor :full_path_match
@@ -11171,53 +11333,52 @@ module Google
       
         # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The
         # default value is false. ignoreCase must not be used with regexMatch. Not
-        # supported when the URL map is bound to target gRPC proxy.
+        # supported when the URL map is bound to a target gRPC proxy.
         # Corresponds to the JSON property `ignoreCase`
         # @return [Boolean]
         attr_accessor :ignore_case
         alias_method :ignore_case?, :ignore_case
       
-        # Opaque filter criteria used by Loadbalancer to restrict routing configuration
-        # to a limited set of xDS compliant clients. In their xDS requests to
-        # Loadbalancer, xDS clients present node metadata. When there is a match, the
-        # relevant routing configuration is made available to those proxies. For each
-        # metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY,
-        # at least one of the filterLabels must match the corresponding label provided
-        # in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of
-        # its filterLabels must match with corresponding labels provided in the metadata.
-        # If multiple metadataFilters are specified, all of them need to be satisfied
-        # in order to be considered a match. metadataFilters specified here will be
+        # Opaque filter criteria used by the load balancer to restrict routing
+        # configuration to a limited set of xDS compliant clients. In their xDS requests
+        # to the load balancer, xDS clients present node metadata. When there is a match,
+        # the relevant routing configuration is made available to those proxies. For
+        # each metadataFilter in this list, if its filterMatchCriteria is set to
+        # MATCH_ANY, at least one of the filterLabels must match the corresponding label
+        # provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then
+        # all of its filterLabels must match with corresponding labels provided in the
+        # metadata. If multiple metadata filters are specified, all of them need to be
+        # satisfied in order to be considered a match. metadataFilters specified here is
         # applied after those specified in ForwardingRule that refers to the UrlMap this
-        # HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers
-        # that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not
-        # supported when the URL map is bound to target gRPC proxy that has
-        # validateForProxyless field set to true.
+        # HttpRouteRuleMatch belongs to. metadataFilters only applies to load balancers
+        # that have loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when
+        # the URL map is bound to a target gRPC proxy that has validateForProxyless
+        # field set to true.
         # Corresponds to the JSON property `metadataFilters`
         # @return [Array<Google::Apis::ComputeV1::MetadataFilter>]
         attr_accessor :metadata_filters
       
         # For satisfying the matchRule condition, the request's path must begin with the
-        # specified prefixMatch. prefixMatch must begin with a /. The value must be
-        # between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or
-        # regexMatch must be specified.
+        # specified prefixMatch. prefixMatch must begin with a /. The value must be from
+        # 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch
+        # must be specified.
         # Corresponds to the JSON property `prefixMatch`
         # @return [String]
         attr_accessor :prefix_match
       
         # Specifies a list of query parameter match criteria, all of which must match
         # corresponding query parameters in the request. Not supported when the URL map
-        # is bound to target gRPC proxy.
+        # is bound to a target gRPC proxy.
         # Corresponds to the JSON property `queryParameterMatches`
         # @return [Array<Google::Apis::ComputeV1::HttpQueryParameterMatch>]
         attr_accessor :query_parameter_matches
       
         # For satisfying the matchRule condition, the path of the request must satisfy
         # the regular expression specified in regexMatch after removing any query
-        # parameters and anchor supplied with the original URL. For regular expression
-        # grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch,
-        # fullPathMatch or regexMatch must be specified. Note that regexMatch only
-        # applies to Loadbalancers that have their loadBalancingScheme set to
-        # INTERNAL_SELF_MANAGED.
+        # parameters and anchor supplied with the original URL. For more information
+        # about regular expression syntax, see Syntax. Only one of prefixMatch,
+        # fullPathMatch or regexMatch must be specified. regexMatch only applies to load
+        # balancers that have loadBalancingScheme set to INTERNAL_SELF_MANAGED.
         # Corresponds to the JSON property `regexMatch`
         # @return [String]
         attr_accessor :regex_match
@@ -11505,8 +11666,8 @@ module Google
         attr_accessor :family
       
         # A list of features to enable on the guest operating system. Applicable only
-        # for bootable images. Read Enabling guest operating system features to see a
-        # list of available options.
+        # for bootable images. To see a list of available options, see the
+        # guestOSfeatures[].type parameter.
         # Corresponds to the JSON property `guestOsFeatures`
         # @return [Array<Google::Apis::ComputeV1::GuestOsFeature>]
         attr_accessor :guest_os_features
@@ -12109,6 +12270,11 @@ module Google
         # @return [Array<Google::Apis::ComputeV1::NetworkInterface>]
         attr_accessor :network_interfaces
       
+        # 
+        # Corresponds to the JSON property `networkPerformanceConfig`
+        # @return [Google::Apis::ComputeV1::NetworkPerformanceConfig]
+        attr_accessor :network_performance_config
+      
         # The private IPv6 google access type for the VM. If not specified, use
         # INHERIT_FROM_SUBNETWORK as default.
         # Corresponds to the JSON property `privateIpv6GoogleAccess`
@@ -12161,6 +12327,17 @@ module Google
         # @return [Google::Apis::ComputeV1::ShieldedInstanceIntegrityPolicy]
         attr_accessor :shielded_instance_integrity_policy
       
+        # Source machine image
+        # Corresponds to the JSON property `sourceMachineImage`
+        # @return [String]
+        attr_accessor :source_machine_image
+      
+        # Source machine image encryption key when creating an instance from a machine
+        # image.
+        # Corresponds to the JSON property `sourceMachineImageEncryptionKey`
+        # @return [Google::Apis::ComputeV1::CustomerEncryptionKey]
+        attr_accessor :source_machine_image_encryption_key
+      
         # [Output Only] Whether a VM has been restricted for start because Compute
         # Engine has detected suspicious activity.
         # Corresponds to the JSON property `startRestricted`
@@ -12223,6 +12400,7 @@ module Google
           @min_cpu_platform = args[:min_cpu_platform] if args.key?(:min_cpu_platform)
           @name = args[:name] if args.key?(:name)
           @network_interfaces = args[:network_interfaces] if args.key?(:network_interfaces)
+          @network_performance_config = args[:network_performance_config] if args.key?(:network_performance_config)
           @private_ipv6_google_access = args[:private_ipv6_google_access] if args.key?(:private_ipv6_google_access)
           @reservation_affinity = args[:reservation_affinity] if args.key?(:reservation_affinity)
           @resource_policies = args[:resource_policies] if args.key?(:resource_policies)
@@ -12232,6 +12410,8 @@ module Google
           @service_accounts = args[:service_accounts] if args.key?(:service_accounts)
           @shielded_instance_config = args[:shielded_instance_config] if args.key?(:shielded_instance_config)
           @shielded_instance_integrity_policy = args[:shielded_instance_integrity_policy] if args.key?(:shielded_instance_integrity_policy)
+          @source_machine_image = args[:source_machine_image] if args.key?(:source_machine_image)
+          @source_machine_image_encryption_key = args[:source_machine_image_encryption_key] if args.key?(:source_machine_image_encryption_key)
           @start_restricted = args[:start_restricted] if args.key?(:start_restricted)
           @status = args[:status] if args.key?(:status)
           @status_message = args[:status_message] if args.key?(:status_message)
@@ -12966,6 +13146,30 @@ module Google
         # @return [Fixnum]
         attr_accessor :restarting
       
+        # [Output Only] The number of instances in the managed instance group that are
+        # scheduled to be resumed or are currently being resumed.
+        # Corresponds to the JSON property `resuming`
+        # @return [Fixnum]
+        attr_accessor :resuming
+      
+        # [Output Only] The number of instances in the managed instance group that are
+        # scheduled to be started or are currently being started.
+        # Corresponds to the JSON property `starting`
+        # @return [Fixnum]
+        attr_accessor :starting
+      
+        # [Output Only] The number of instances in the managed instance group that are
+        # scheduled to be stopped or are currently being stopped.
+        # Corresponds to the JSON property `stopping`
+        # @return [Fixnum]
+        attr_accessor :stopping
+      
+        # [Output Only] The number of instances in the managed instance group that are
+        # scheduled to be suspended or are currently being suspended.
+        # Corresponds to the JSON property `suspending`
+        # @return [Fixnum]
+        attr_accessor :suspending
+      
         # [Output Only] The number of instances in the managed instance group that are
         # being verified. See the managedInstances[].currentAction property in the
         # listManagedInstances method documentation.
@@ -12987,6 +13191,10 @@ module Google
           @recreating = args[:recreating] if args.key?(:recreating)
           @refreshing = args[:refreshing] if args.key?(:refreshing)
           @restarting = args[:restarting] if args.key?(:restarting)
+          @resuming = args[:resuming] if args.key?(:resuming)
+          @starting = args[:starting] if args.key?(:starting)
+          @stopping = args[:stopping] if args.key?(:stopping)
+          @suspending = args[:suspending] if args.key?(:suspending)
           @verifying = args[:verifying] if args.key?(:verifying)
         end
       end
@@ -13416,6 +13624,17 @@ module Google
         # @return [String]
         attr_accessor :minimal_action
       
+        # Most disruptive action that is allowed to be taken on an instance. You can
+        # specify either NONE to forbid any actions, REFRESH to allow actions that do
+        # not need instance restart, RESTART to allow actions that can be applied
+        # without instance replacing or REPLACE to allow all possible actions. If the
+        # Updater determines that the minimal update action needed is more disruptive
+        # than most disruptive allowed action you specify it will not perform the update
+        # at all.
+        # Corresponds to the JSON property `mostDisruptiveAllowedAction`
+        # @return [String]
+        attr_accessor :most_disruptive_allowed_action
+      
         # What action should be used to replace instances. See minimal_action.REPLACE
         # Corresponds to the JSON property `replacementMethod`
         # @return [String]
@@ -13440,6 +13659,7 @@ module Google
           @max_surge = args[:max_surge] if args.key?(:max_surge)
           @max_unavailable = args[:max_unavailable] if args.key?(:max_unavailable)
           @minimal_action = args[:minimal_action] if args.key?(:minimal_action)
+          @most_disruptive_allowed_action = args[:most_disruptive_allowed_action] if args.key?(:most_disruptive_allowed_action)
           @replacement_method = args[:replacement_method] if args.key?(:replacement_method)
           @type = args[:type] if args.key?(:type)
         end
@@ -14730,6 +14950,11 @@ module Google
         # @return [Array<Google::Apis::ComputeV1::NetworkInterface>]
         attr_accessor :network_interfaces
       
+        # Note that for MachineImage, this is not supported yet.
+        # Corresponds to the JSON property `networkPerformanceConfig`
+        # @return [Google::Apis::ComputeV1::NetworkPerformanceConfig]
+        attr_accessor :network_performance_config
+      
         # The private IPv6 google access type for VMs. If not specified, use
         # INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not
         # supported yet.
@@ -14742,7 +14967,15 @@ module Google
         # @return [Google::Apis::ComputeV1::ReservationAffinity]
         attr_accessor :reservation_affinity
       
-        # Resource policies (names, not ULRs) applied to instances created from these
+        # Resource manager tags to be bound to the instance. Tag keys and values have
+        # the same definition as resource manager tags. Keys must be in the format `
+        # tagKeys/`tag_key_id``, and values are in the format `tagValues/456`. The field
+        # is ignored (both PUT & PATCH) when empty.
+        # Corresponds to the JSON property `resourceManagerTags`
+        # @return [Hash<String,String>]
+        attr_accessor :resource_manager_tags
+      
+        # Resource policies (names, not URLs) applied to instances created from these
         # properties. Note that for MachineImage, this is not supported yet.
         # Corresponds to the JSON property `resourcePolicies`
         # @return [Array<String>]
@@ -14788,8 +15021,10 @@ module Google
           @metadata = args[:metadata] if args.key?(:metadata)
           @min_cpu_platform = args[:min_cpu_platform] if args.key?(:min_cpu_platform)
           @network_interfaces = args[:network_interfaces] if args.key?(:network_interfaces)
+          @network_performance_config = args[:network_performance_config] if args.key?(:network_performance_config)
           @private_ipv6_google_access = args[:private_ipv6_google_access] if args.key?(:private_ipv6_google_access)
           @reservation_affinity = args[:reservation_affinity] if args.key?(:reservation_affinity)
+          @resource_manager_tags = args[:resource_manager_tags] if args.key?(:resource_manager_tags)
           @resource_policies = args[:resource_policies] if args.key?(:resource_policies)
           @scheduling = args[:scheduling] if args.key?(:scheduling)
           @service_accounts = args[:service_accounts] if args.key?(:service_accounts)
@@ -15633,6 +15868,17 @@ module Google
         # @return [String]
         attr_accessor :bandwidth
       
+        # Up to 16 candidate prefixes that control the allocation of
+        # cloudRouterIpv6Address and customerRouterIpv6Address for this attachment. Each
+        # prefix must be in the Global Unique Address (GUA) space. It is highly
+        # recommended that it be in a range owned by the requestor. A GUA in a range
+        # owned by Google will cause the request to fail. Google will select an
+        # available prefix from the supplied candidates or fail the request. If not
+        # supplied, a /125 from a Google-owned GUA block will be selected.
+        # Corresponds to the JSON property `candidateIpv6Subnets`
+        # @return [Array<String>]
+        attr_accessor :candidate_ipv6_subnets
+      
         # Up to 16 candidate prefixes that can be used to restrict the allocation of
         # cloudRouterIpAddress and customerRouterIpAddress for this attachment. All
         # prefixes must be within link-local address space (169.254.0.0/16) and must be /
@@ -15650,6 +15896,20 @@ module Google
         # @return [String]
         attr_accessor :cloud_router_ip_address
       
+        # [Output Only] IPv6 address + prefix length to be configured on Cloud Router
+        # Interface for this interconnect attachment.
+        # Corresponds to the JSON property `cloudRouterIpv6Address`
+        # @return [String]
+        attr_accessor :cloud_router_ipv6_address
+      
+        # If supplied, the interface id (index within the subnet) to be used for the
+        # cloud router address. The id must be in the range of 1 to 6. If a subnet mask
+        # is supplied, it must be /125, and the subnet should either be 0 or match the
+        # selected subnet.
+        # Corresponds to the JSON property `cloudRouterIpv6InterfaceId`
+        # @return [String]
+        attr_accessor :cloud_router_ipv6_interface_id
+      
         # [Output Only] Creation timestamp in RFC3339 text format.
         # Corresponds to the JSON property `creationTimestamp`
         # @return [String]
@@ -15661,7 +15921,24 @@ module Google
         # @return [String]
         attr_accessor :customer_router_ip_address
       
-        # [Output Only] Dataplane version for this InterconnectAttachment.
+        # [Output Only] IPv6 address + prefix length to be configured on the customer
+        # router subinterface for this interconnect attachment.
+        # Corresponds to the JSON property `customerRouterIpv6Address`
+        # @return [String]
+        attr_accessor :customer_router_ipv6_address
+      
+        # If supplied, the interface id (index within the subnet) to be used for the
+        # customer router address. The id must be in the range of 1 to 6. If a subnet
+        # mask is supplied, it must be /125, and the subnet should either be 0 or match
+        # the selected subnet.
+        # Corresponds to the JSON property `customerRouterIpv6InterfaceId`
+        # @return [String]
+        attr_accessor :customer_router_ipv6_interface_id
+      
+        # [Output only for types PARTNER and DEDICATED. Not present for PARTNER_PROVIDER.
+        # ] Dataplane version for this InterconnectAttachment. This field is only
+        # present for Dataplane version 2 and higher. Absence of this field in the API
+        # output indicates that the Dataplane is version 1.
         # Corresponds to the JSON property `dataplaneVersion`
         # @return [Fixnum]
         attr_accessor :dataplane_version
@@ -15820,6 +16097,14 @@ module Google
         # @return [String]
         attr_accessor :self_link
       
+        # The stack type for this interconnect attachment to identify whether the IPv6
+        # feature is enabled or not. If not specified, IPV4_ONLY will be used. This
+        # field can be both set at interconnect attachments creation and update
+        # interconnect attachment operations.
+        # Corresponds to the JSON property `stackType`
+        # @return [String]
+        attr_accessor :stack_type
+      
         # [Output Only] The current state of this attachment's functionality. Enum
         # values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and
         # PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER,
@@ -15862,10 +16147,15 @@ module Google
         def update!(**args)
           @admin_enabled = args[:admin_enabled] if args.key?(:admin_enabled)
           @bandwidth = args[:bandwidth] if args.key?(:bandwidth)
+          @candidate_ipv6_subnets = args[:candidate_ipv6_subnets] if args.key?(:candidate_ipv6_subnets)
           @candidate_subnets = args[:candidate_subnets] if args.key?(:candidate_subnets)
           @cloud_router_ip_address = args[:cloud_router_ip_address] if args.key?(:cloud_router_ip_address)
+          @cloud_router_ipv6_address = args[:cloud_router_ipv6_address] if args.key?(:cloud_router_ipv6_address)
+          @cloud_router_ipv6_interface_id = args[:cloud_router_ipv6_interface_id] if args.key?(:cloud_router_ipv6_interface_id)
           @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
           @customer_router_ip_address = args[:customer_router_ip_address] if args.key?(:customer_router_ip_address)
+          @customer_router_ipv6_address = args[:customer_router_ipv6_address] if args.key?(:customer_router_ipv6_address)
+          @customer_router_ipv6_interface_id = args[:customer_router_ipv6_interface_id] if args.key?(:customer_router_ipv6_interface_id)
           @dataplane_version = args[:dataplane_version] if args.key?(:dataplane_version)
           @description = args[:description] if args.key?(:description)
           @edge_availability_domain = args[:edge_availability_domain] if args.key?(:edge_availability_domain)
@@ -15886,6 +16176,7 @@ module Google
           @router = args[:router] if args.key?(:router)
           @satisfies_pzs = args[:satisfies_pzs] if args.key?(:satisfies_pzs)
           @self_link = args[:self_link] if args.key?(:self_link)
+          @stack_type = args[:stack_type] if args.key?(:stack_type)
           @state = args[:state] if args.key?(:state)
           @type = args[:type] if args.key?(:type)
           @vlan_tag8021q = args[:vlan_tag8021q] if args.key?(:vlan_tag8021q)
@@ -17401,7 +17692,7 @@ module Google
       class LocationPolicyLocation
         include Google::Apis::Core::Hashable
       
-        # Preference for a given location: ALLOW or DENY.
+        # Preference for a given location.
         # Corresponds to the JSON property `preference`
         # @return [String]
         attr_accessor :preference
@@ -17547,6 +17838,272 @@ module Google
         end
       end
       
+      # Represents a machine image resource. A machine image is a Compute Engine
+      # resource that stores all the configuration, metadata, permissions, and data
+      # from one or more disks required to create a Virtual machine (VM) instance. For
+      # more information, see Machine images.
+      class MachineImage
+        include Google::Apis::Core::Hashable
+      
+        # [Output Only] The creation timestamp for this machine image in RFC3339 text
+        # format.
+        # Corresponds to the JSON property `creationTimestamp`
+        # @return [String]
+        attr_accessor :creation_timestamp
+      
+        # An optional description of this resource. Provide this property when you
+        # create the resource.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # [Input Only] Whether to attempt an application consistent machine image by
+        # informing the OS to prepare for the snapshot process. Currently only supported
+        # on Windows instances using the Volume Shadow Copy Service (VSS).
+        # Corresponds to the JSON property `guestFlush`
+        # @return [Boolean]
+        attr_accessor :guest_flush
+        alias_method :guest_flush?, :guest_flush
+      
+        # [Output Only] A unique identifier for this machine image. The server defines
+        # this identifier.
+        # Corresponds to the JSON property `id`
+        # @return [Fixnum]
+        attr_accessor :id
+      
+        # [Output Only] Properties of source instance
+        # Corresponds to the JSON property `instanceProperties`
+        # @return [Google::Apis::ComputeV1::InstanceProperties]
+        attr_accessor :instance_properties
+      
+        # [Output Only] The resource type, which is always compute#machineImage for
+        # machine image.
+        # Corresponds to the JSON property `kind`
+        # @return [String]
+        attr_accessor :kind
+      
+        # Encrypts the machine image using a customer-supplied encryption key. After you
+        # encrypt a machine image using a customer-supplied key, you must provide the
+        # same key if you use the machine image later. For example, you must provide the
+        # encryption key when you create an instance from the encrypted machine image in
+        # a future request. Customer-supplied encryption keys do not protect access to
+        # metadata of the machine image. If you do not provide an encryption key when
+        # creating the machine image, then the machine image will be encrypted using an
+        # automatically generated key and you do not need to provide a key to use the
+        # machine image later.
+        # Corresponds to the JSON property `machineImageEncryptionKey`
+        # @return [Google::Apis::ComputeV1::CustomerEncryptionKey]
+        attr_accessor :machine_image_encryption_key
+      
+        # Name of the resource; provided by the client when the resource is created. The
+        # name must be 1-63 characters long, and comply with RFC1035. Specifically, the
+        # name must be 1-63 characters long and match the regular expression `[a-z]([-a-
+        # z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter,
+        # and all following characters must be a dash, lowercase letter, or digit,
+        # except the last character, which cannot be a dash.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # [Output Only] Reserved for future use.
+        # Corresponds to the JSON property `satisfiesPzs`
+        # @return [Boolean]
+        attr_accessor :satisfies_pzs
+        alias_method :satisfies_pzs?, :satisfies_pzs
+      
+        # An array of Machine Image specific properties for disks attached to the source
+        # instance
+        # Corresponds to the JSON property `savedDisks`
+        # @return [Array<Google::Apis::ComputeV1::SavedDisk>]
+        attr_accessor :saved_disks
+      
+        # [Output Only] The URL for this machine image. The server defines this URL.
+        # Corresponds to the JSON property `selfLink`
+        # @return [String]
+        attr_accessor :self_link
+      
+        # [Input Only] The customer-supplied encryption key of the disks attached to the
+        # source instance. Required if the source disk is protected by a customer-
+        # supplied encryption key.
+        # Corresponds to the JSON property `sourceDiskEncryptionKeys`
+        # @return [Array<Google::Apis::ComputeV1::SourceDiskEncryptionKey>]
+        attr_accessor :source_disk_encryption_keys
+      
+        # The source instance used to create the machine image. You can provide this as
+        # a partial or full URL to the resource. For example, the following are valid
+        # values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /
+        # instances/instance - projects/project/zones/zone/instances/instance
+        # Corresponds to the JSON property `sourceInstance`
+        # @return [String]
+        attr_accessor :source_instance
+      
+        # DEPRECATED: Please use compute#instanceProperties instead. New properties will
+        # not be added to this field.
+        # Corresponds to the JSON property `sourceInstanceProperties`
+        # @return [Google::Apis::ComputeV1::SourceInstanceProperties]
+        attr_accessor :source_instance_properties
+      
+        # [Output Only] The status of the machine image. One of the following values:
+        # INVALID, CREATING, READY, DELETING, and UPLOADING.
+        # Corresponds to the JSON property `status`
+        # @return [String]
+        attr_accessor :status
+      
+        # The regional or multi-regional Cloud Storage bucket location where the machine
+        # image is stored.
+        # Corresponds to the JSON property `storageLocations`
+        # @return [Array<String>]
+        attr_accessor :storage_locations
+      
+        # [Output Only] Total size of the storage used by the machine image.
+        # Corresponds to the JSON property `totalStorageBytes`
+        # @return [Fixnum]
+        attr_accessor :total_storage_bytes
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
+          @description = args[:description] if args.key?(:description)
+          @guest_flush = args[:guest_flush] if args.key?(:guest_flush)
+          @id = args[:id] if args.key?(:id)
+          @instance_properties = args[:instance_properties] if args.key?(:instance_properties)
+          @kind = args[:kind] if args.key?(:kind)
+          @machine_image_encryption_key = args[:machine_image_encryption_key] if args.key?(:machine_image_encryption_key)
+          @name = args[:name] if args.key?(:name)
+          @satisfies_pzs = args[:satisfies_pzs] if args.key?(:satisfies_pzs)
+          @saved_disks = args[:saved_disks] if args.key?(:saved_disks)
+          @self_link = args[:self_link] if args.key?(:self_link)
+          @source_disk_encryption_keys = args[:source_disk_encryption_keys] if args.key?(:source_disk_encryption_keys)
+          @source_instance = args[:source_instance] if args.key?(:source_instance)
+          @source_instance_properties = args[:source_instance_properties] if args.key?(:source_instance_properties)
+          @status = args[:status] if args.key?(:status)
+          @storage_locations = args[:storage_locations] if args.key?(:storage_locations)
+          @total_storage_bytes = args[:total_storage_bytes] if args.key?(:total_storage_bytes)
+        end
+      end
+      
+      # A list of machine images.
+      class MachineImageList
+        include Google::Apis::Core::Hashable
+      
+        # [Output Only] Unique identifier for the resource; defined by the server.
+        # Corresponds to the JSON property `id`
+        # @return [String]
+        attr_accessor :id
+      
+        # A list of MachineImage resources.
+        # Corresponds to the JSON property `items`
+        # @return [Array<Google::Apis::ComputeV1::MachineImage>]
+        attr_accessor :items
+      
+        # [Output Only] The resource type, which is always compute#
+        # machineImagesListResponse for machine image lists.
+        # Corresponds to the JSON property `kind`
+        # @return [String]
+        attr_accessor :kind
+      
+        # [Output Only] This token allows you to get the next page of results for list
+        # requests. If the number of results is larger than maxResults, use the
+        # nextPageToken as a value for the query parameter pageToken in the next list
+        # request. Subsequent list requests will have their own nextPageToken to
+        # continue paging through the results.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # [Output Only] Server-defined URL for this resource.
+        # Corresponds to the JSON property `selfLink`
+        # @return [String]
+        attr_accessor :self_link
+      
+        # [Output Only] Informational warning message.
+        # Corresponds to the JSON property `warning`
+        # @return [Google::Apis::ComputeV1::MachineImageList::Warning]
+        attr_accessor :warning
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @id = args[:id] if args.key?(:id)
+          @items = args[:items] if args.key?(:items)
+          @kind = args[:kind] if args.key?(:kind)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @self_link = args[:self_link] if args.key?(:self_link)
+          @warning = args[:warning] if args.key?(:warning)
+        end
+        
+        # [Output Only] Informational warning message.
+        class Warning
+          include Google::Apis::Core::Hashable
+        
+          # [Output Only] A warning code, if applicable. For example, Compute Engine
+          # returns NO_RESULTS_ON_PAGE if there are no results in the response.
+          # Corresponds to the JSON property `code`
+          # @return [String]
+          attr_accessor :code
+        
+          # [Output Only] Metadata about this warning in key: value format. For example: "
+          # data": [ ` "key": "scope", "value": "zones/us-east1-d" `
+          # Corresponds to the JSON property `data`
+          # @return [Array<Google::Apis::ComputeV1::MachineImageList::Warning::Datum>]
+          attr_accessor :data
+        
+          # [Output Only] A human-readable description of the warning code.
+          # Corresponds to the JSON property `message`
+          # @return [String]
+          attr_accessor :message
+        
+          def initialize(**args)
+             update!(**args)
+          end
+        
+          # Update properties of this object
+          def update!(**args)
+            @code = args[:code] if args.key?(:code)
+            @data = args[:data] if args.key?(:data)
+            @message = args[:message] if args.key?(:message)
+          end
+          
+          # 
+          class Datum
+            include Google::Apis::Core::Hashable
+          
+            # [Output Only] A key that provides more detail on the warning being returned.
+            # For example, for warnings where there are no results in a list request for a
+            # particular zone, this key might be scope and the key value might be the zone
+            # name. Other examples might be a key indicating a deprecated resource and a
+            # suggested replacement, or a warning about invalid network settings (for
+            # example, if an instance attempts to perform IP forwarding but is not enabled
+            # for IP forwarding).
+            # Corresponds to the JSON property `key`
+            # @return [String]
+            attr_accessor :key
+          
+            # [Output Only] A warning data value corresponding to the key.
+            # Corresponds to the JSON property `value`
+            # @return [String]
+            attr_accessor :value
+          
+            def initialize(**args)
+               update!(**args)
+            end
+          
+            # Update properties of this object
+            def update!(**args)
+              @key = args[:key] if args.key?(:key)
+              @value = args[:value] if args.key?(:value)
+            end
+          end
+        end
+      end
+      
       # Represents a Machine Type resource. You can use specific machine types for
       # your VM instances based on performance and pricing requirements. For more
       # information, read Machine Types.
@@ -18325,18 +18882,18 @@ module Google
         end
       end
       
-      # Opaque filter criteria used by loadbalancers to restrict routing configuration
-      # to a limited set of loadbalancing proxies. Proxies and sidecars involved in
-      # loadbalancing would typically present metadata to the loadbalancers which need
-      # to match criteria specified here. If a match takes place, the relevant
-      # configuration is made available to those proxies. For each metadataFilter in
-      # this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the
-      # filterLabels must match the corresponding label provided in the metadata. If
-      # its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must
-      # match with corresponding labels provided in the metadata. An example for using
-      # metadataFilters would be: if loadbalancing involves Envoys, they will only
-      # receive routing configuration when values in metadataFilters match values
-      # supplied in of their XDS requests to loadbalancers.
+      # Opaque filter criteria used by load balancers to restrict routing
+      # configuration to a limited set of load balancing proxies. Proxies and sidecars
+      # involved in load balancing would typically present metadata to the load
+      # balancers that need to match criteria specified here. If a match takes place,
+      # the relevant configuration is made available to those proxies. For each
+      # metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY,
+      # at least one of the filterLabels must match the corresponding label provided
+      # in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of
+      # its filterLabels must match with corresponding labels provided in the metadata.
+      # An example for using metadataFilters would be: if load balancing involves
+      # Envoys, they receive routing configuration when values in metadataFilters
+      # match values supplied in of their XDS requests to loadbalancers.
       class MetadataFilter
         include Google::Apis::Core::Hashable
       
@@ -18347,11 +18904,11 @@ module Google
         # @return [Array<Google::Apis::ComputeV1::MetadataFilterLabelMatch>]
         attr_accessor :filter_labels
       
-        # Specifies how individual filterLabel matches within the list of filterLabels
-        # contribute towards the overall metadataFilter match. Supported values are: -
-        # MATCH_ANY: At least one of the filterLabels must have a matching label in the
-        # provided metadata. - MATCH_ALL: All filterLabels must have matching labels in
-        # the provided metadata.
+        # Specifies how individual filter label matches within the list of filterLabels
+        # and contributes toward the overall metadataFilter match. Supported values are:
+        # - MATCH_ANY: at least one of the filterLabels must have a matching label in
+        # the provided metadata. - MATCH_ALL: all filterLabels must have matching labels
+        # in the provided metadata.
         # Corresponds to the JSON property `filterMatchCriteria`
         # @return [String]
         attr_accessor :filter_match_criteria
@@ -18368,7 +18925,7 @@ module Google
       end
       
       # MetadataFilter label name value pairs that are expected to match corresponding
-      # labels presented as metadata to the loadbalancer.
+      # labels presented as metadata to the load balancer.
       class MetadataFilterLabelMatch
         include Google::Apis::Core::Hashable
       
@@ -18675,6 +19232,12 @@ module Google
         # @return [String]
         attr_accessor :network_endpoint_type
       
+        # The target service url used to set up private service connection to a Google
+        # API. An example value is: "asia-northeast3-cloudkms.googleapis.com"
+        # Corresponds to the JSON property `pscTargetService`
+        # @return [String]
+        attr_accessor :psc_target_service
+      
         # [Output Only] The URL of the region where the network endpoint group is
         # located.
         # Corresponds to the JSON property `region`
@@ -18720,6 +19283,7 @@ module Google
           @name = args[:name] if args.key?(:name)
           @network = args[:network] if args.key?(:network)
           @network_endpoint_type = args[:network_endpoint_type] if args.key?(:network_endpoint_type)
+          @psc_target_service = args[:psc_target_service] if args.key?(:psc_target_service)
           @region = args[:region] if args.key?(:region)
           @self_link = args[:self_link] if args.key?(:self_link)
           @size = args[:size] if args.key?(:size)
@@ -19420,7 +19984,7 @@ module Google
         # @return [String]
         attr_accessor :ipv6_access_type
       
-        # [Output Only] An IPv6 internal network address for this network interface.
+        # An IPv6 internal network address for this network interface.
         # Corresponds to the JSON property `ipv6Address`
         # @return [String]
         attr_accessor :ipv6_address
@@ -19437,14 +20001,15 @@ module Google
         # @return [String]
         attr_accessor :name
       
-        # URL of the network resource for this instance. When creating an instance, if
-        # neither the network nor the subnetwork is specified, the default network
-        # global/networks/default is used; if the network is not specified but the
-        # subnetwork is specified, the network is inferred. If you specify this property,
-        # you can specify the network as a full or partial URL. For example, the
-        # following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/
-        # project/global/networks/ network - projects/project/global/networks/network -
-        # global/networks/default
+        # URL of the VPC network resource for this instance. When creating an instance,
+        # if neither the network nor the subnetwork is specified, the default network
+        # global/networks/default is used. If the selected project doesn't have the
+        # default network, you must specify a network or subnet. If the network is not
+        # specified but the subnetwork is specified, the network is inferred. If you
+        # specify this property, you can specify the network as a full or partial URL.
+        # For example, the following are all valid URLs: - https://www.googleapis.com/
+        # compute/v1/projects/project/global/networks/ network - projects/project/global/
+        # networks/network - global/networks/default
         # Corresponds to the JSON property `network`
         # @return [String]
         attr_accessor :network
@@ -19653,7 +20218,8 @@ module Google
         attr_accessor :exchange_subnet_routes
         alias_method :exchange_subnet_routes?, :exchange_subnet_routes
       
-        # Whether to export the custom routes to peer network.
+        # Whether to export the custom routes to peer network. The default value is
+        # false.
         # Corresponds to the JSON property `exportCustomRoutes`
         # @return [Boolean]
         attr_accessor :export_custom_routes
@@ -19667,7 +20233,8 @@ module Google
         attr_accessor :export_subnet_routes_with_public_ip
         alias_method :export_subnet_routes_with_public_ip?, :export_subnet_routes_with_public_ip
       
-        # Whether to import the custom routes from peer network.
+        # Whether to import the custom routes from peer network. The default value is
+        # false.
         # Corresponds to the JSON property `importCustomRoutes`
         # @return [Boolean]
         attr_accessor :import_custom_routes
@@ -19735,6 +20302,25 @@ module Google
         end
       end
       
+      # 
+      class NetworkPerformanceConfig
+        include Google::Apis::Core::Hashable
+      
+        # 
+        # Corresponds to the JSON property `totalEgressBandwidthTier`
+        # @return [String]
+        attr_accessor :total_egress_bandwidth_tier
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @total_egress_bandwidth_tier = args[:total_egress_bandwidth_tier] if args.key?(:total_egress_bandwidth_tier)
+        end
+      end
+      
       # A routing configuration attached to a network resource. The message includes
       # the list of routers associated with the network, and a flag indicating the
       # type of routing behavior to enforce network-wide.
@@ -23275,37 +23861,37 @@ module Google
       
       # A matcher for the path portion of the URL. The BackendService from the longest-
       # matched rule will serve the URL. If no rule was matched, the default service
-      # will be used.
+      # is used.
       class PathMatcher
         include Google::Apis::Core::Hashable
       
         # defaultRouteAction takes effect when none of the pathRules or routeRules match.
-        # The load balancer performs advanced routing actions like URL rewrites, header
-        # transformations, etc. prior to forwarding the request to the selected backend.
+        # The load balancer performs advanced routing actions, such as URL rewrites and
+        # header transformations, before forwarding the request to the selected backend.
         # If defaultRouteAction specifies any weightedBackendServices, defaultService
         # must not be set. Conversely if defaultService is set, defaultRouteAction
         # cannot contain any weightedBackendServices. Only one of defaultRouteAction or
         # defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers
-        # support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        # support only the urlRewrite action within a path matcher's defaultRouteAction.
         # Corresponds to the JSON property `defaultRouteAction`
         # @return [Google::Apis::ComputeV1::HttpRouteAction]
         attr_accessor :default_route_action
       
-        # The full or partial URL to the BackendService resource. This will be used if
+        # The full or partial URL to the BackendService resource. This URL is used if
         # none of the pathRules or routeRules defined by this PathMatcher are matched.
         # For example, the following are all valid URLs to a BackendService resource: -
         # https://www.googleapis.com/compute/v1/projects/project /global/backendServices/
         # backendService - compute/v1/projects/project/global/backendServices/
         # backendService - global/backendServices/backendService If defaultRouteAction
-        # is additionally specified, advanced routing actions like URL Rewrites, etc.
-        # take effect prior to sending the request to the backend. However, if
-        # defaultService is specified, defaultRouteAction cannot contain any
-        # weightedBackendServices. Conversely, if defaultRouteAction specifies any
-        # weightedBackendServices, defaultService must not be specified. Only one of
-        # defaultService, defaultUrlRedirect or defaultRouteAction.
-        # weightedBackendService must be set. Authorization requires one or more of the
-        # following Google IAM permissions on the specified resource default_service: -
-        # compute.backendBuckets.use - compute.backendServices.use
+        # is also specified, advanced routing actions, such as URL rewrites, take effect
+        # before sending the request to the backend. However, if defaultService is
+        # specified, defaultRouteAction cannot contain any weightedBackendServices.
+        # Conversely, if defaultRouteAction specifies any weightedBackendServices,
+        # defaultService must not be specified. Only one of defaultService,
+        # defaultUrlRedirect , or defaultRouteAction.weightedBackendService must be set.
+        # Authorization requires one or more of the following Google IAM permissions on
+        # the specified resource default_service: - compute.backendBuckets.use - compute.
+        # backendServices.use
         # Corresponds to the JSON property `defaultService`
         # @return [String]
         attr_accessor :default_service
@@ -23381,23 +23967,23 @@ module Google
         attr_accessor :paths
       
         # In response to a matching path, the load balancer performs advanced routing
-        # actions like URL rewrites, header transformations, etc. prior to forwarding
+        # actions, such as URL rewrites and header transformations, before forwarding
         # the request to the selected backend. If routeAction specifies any
         # weightedBackendServices, service must not be set. Conversely if service is set,
         # routeAction cannot contain any weightedBackendServices. Only one of
-        # routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load
-        # balancers support only the urlRewrite action within a pathRule's routeAction.
+        # routeAction or urlRedirect must be set. URL maps for external HTTP(S) load
+        # balancers support only the urlRewrite action within a path rule's routeAction.
         # Corresponds to the JSON property `routeAction`
         # @return [Google::Apis::ComputeV1::HttpRouteAction]
         attr_accessor :route_action
       
         # The full or partial URL of the backend service resource to which traffic is
-        # directed if this rule is matched. If routeAction is additionally specified,
-        # advanced routing actions like URL Rewrites, etc. take effect prior to sending
-        # the request to the backend. However, if service is specified, routeAction
-        # cannot contain any weightedBackendService s. Conversely, if routeAction
-        # specifies any weightedBackendServices, service must not be specified. Only one
-        # of urlRedirect, service or routeAction.weightedBackendService must be set.
+        # directed if this rule is matched. If routeAction is also specified, advanced
+        # routing actions, such as URL rewrites, take effect before sending the request
+        # to the backend. However, if service is specified, routeAction cannot contain
+        # any weightedBackendServices. Conversely, if routeAction specifies any
+        # weightedBackendServices, service must not be specified. Only one of
+        # urlRedirect, service or routeAction.weightedBackendService must be set.
         # Corresponds to the JSON property `service`
         # @return [String]
         attr_accessor :service
@@ -23469,31 +24055,31 @@ module Google
       
       # An Identity and Access Management (IAM) policy, which specifies access
       # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
-      # A `binding` binds one or more `members` to a single `role`. Members can be
-      # user accounts, service accounts, Google groups, and domains (such as G Suite).
-      # A `role` is a named list of permissions; each `role` can be an IAM predefined
-      # role or a user-created custom role. For some types of Google Cloud resources,
-      # a `binding` can also specify a `condition`, which is a logical expression that
-      # allows access to a resource only if the expression evaluates to `true`. A
-      # condition can add constraints based on attributes of the request, the resource,
-      # or both. To learn which resources support conditions in their IAM policies,
-      # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
-      # resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
-      # resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
-      # group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
-      # appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
-      # organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
-      # title": "expirable access", "description": "Does not grant access after Sep
-      # 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
-      # ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
-      # members: - user:mike@example.com - group:admins@example.com - domain:google.
-      # com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
-      # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
-      # roles/resourcemanager.organizationViewer condition: title: expirable access
-      # description: Does not grant access after Sep 2020 expression: request.time <
-      # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
-      # description of IAM and its features, see the [IAM documentation](https://cloud.
-      # google.com/iam/docs/).
+      # A `binding` binds one or more `members`, or principals, to a single `role`.
+      # Principals can be user accounts, service accounts, Google groups, and domains (
+      # such as G Suite). A `role` is a named list of permissions; each `role` can be
+      # an IAM predefined role or a user-created custom role. For some types of Google
+      # Cloud resources, a `binding` can also specify a `condition`, which is a
+      # logical expression that allows access to a resource only if the expression
+      # evaluates to `true`. A condition can add constraints based on attributes of
+      # the request, the resource, or both. To learn which resources support
+      # conditions in their IAM policies, see the [IAM documentation](https://cloud.
+      # google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
+      # bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
+      # "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
+      # serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
+      # roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
+      # ], "condition": ` "title": "expirable access", "description": "Does not grant
+      # access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
+      # 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
+      # bindings: - members: - user:mike@example.com - group:admins@example.com -
+      # domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
+      # role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
+      # com role: roles/resourcemanager.organizationViewer condition: title: expirable
+      # access description: Does not grant access after Sep 2020 expression: request.
+      # time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
+      # a description of IAM and its features, see the [IAM documentation](https://
+      # cloud.google.com/iam/docs/).
       class Policy
         include Google::Apis::Core::Hashable
       
@@ -23502,9 +24088,14 @@ module Google
         # @return [Array<Google::Apis::ComputeV1::AuditConfig>]
         attr_accessor :audit_configs
       
-        # Associates a list of `members` to a `role`. Optionally, may specify a `
-        # condition` that determines how and when the `bindings` are applied. Each of
-        # the `bindings` must contain at least one member.
+        # Associates a list of `members`, or principals, with a `role`. Optionally, may
+        # specify a `condition` that determines how and when the `bindings` are applied.
+        # Each of the `bindings` must contain at least one principal. The `bindings` in
+        # a `Policy` can refer to up to 1,500 principals; up to 250 of these principals
+        # can be Google groups. Each occurrence of a principal counts towards these
+        # limits. For example, if the `bindings` grant 50 different roles to `user:alice@
+        # example.com`, and not to any other principal, then you can add another 1,450
+        # principals to the `bindings` in the `Policy`.
         # Corresponds to the JSON property `bindings`
         # @return [Array<Google::Apis::ComputeV1::Binding>]
         attr_accessor :bindings
@@ -23525,12 +24116,6 @@ module Google
         # @return [String]
         attr_accessor :etag
       
-        # This is deprecated and has no effect. Do not use.
-        # Corresponds to the JSON property `iamOwned`
-        # @return [Boolean]
-        attr_accessor :iam_owned
-        alias_method :iam_owned?, :iam_owned
-      
         # This is deprecated and has no effect. Do not use.
         # Corresponds to the JSON property `rules`
         # @return [Array<Google::Apis::ComputeV1::Rule>]
@@ -23564,7 +24149,6 @@ module Google
           @audit_configs = args[:audit_configs] if args.key?(:audit_configs)
           @bindings = args[:bindings] if args.key?(:bindings)
           @etag = args[:etag] if args.key?(:etag)
-          @iam_owned = args[:iam_owned] if args.key?(:iam_owned)
           @rules = args[:rules] if args.key?(:rules)
           @version = args[:version] if args.key?(:version)
         end
@@ -23945,7 +24529,13 @@ module Google
         # @return [String]
         attr_accessor :shared_secret
       
-        # The status of the public advertised prefix.
+        # The status of the public advertised prefix. Possible values include: - `
+        # INITIAL`: RPKI validation is complete. - `PTR_CONFIGURED`: User has configured
+        # the PTR. - `VALIDATED`: Reverse DNS lookup is successful. - `
+        # REVERSE_DNS_LOOKUP_FAILED`: Reverse DNS lookup failed. - `
+        # PREFIX_CONFIGURATION_IN_PROGRESS`: The prefix is being configured. - `
+        # PREFIX_CONFIGURATION_COMPLETE`: The prefix is fully configured. - `
+        # PREFIX_REMOVAL_IN_PROGRESS`: The prefix is being removed.
         # Corresponds to the JSON property `status`
         # @return [String]
         attr_accessor :status
@@ -24224,7 +24814,12 @@ module Google
         # @return [String]
         attr_accessor :self_link
       
-        # [Output Only] The status of the public delegated prefix.
+        # [Output Only] The status of the public delegated prefix, which can be one of
+        # following values: - `INITIALIZING` The public delegated prefix is being
+        # initialized and addresses cannot be created yet. - `READY_TO_ANNOUNCE` The
+        # public delegated prefix is a live migration prefix and is active. - `ANNOUNCED`
+        # The public delegated prefix is active. - `DELETING` The public delegated
+        # prefix is being deprovsioned.
         # Corresponds to the JSON property `status`
         # @return [String]
         attr_accessor :status
@@ -26084,31 +26679,31 @@ module Google
       
         # An Identity and Access Management (IAM) policy, which specifies access
         # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
-        # A `binding` binds one or more `members` to a single `role`. Members can be
-        # user accounts, service accounts, Google groups, and domains (such as G Suite).
-        # A `role` is a named list of permissions; each `role` can be an IAM predefined
-        # role or a user-created custom role. For some types of Google Cloud resources,
-        # a `binding` can also specify a `condition`, which is a logical expression that
-        # allows access to a resource only if the expression evaluates to `true`. A
-        # condition can add constraints based on attributes of the request, the resource,
-        # or both. To learn which resources support conditions in their IAM policies,
-        # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
-        # resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
-        # resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
-        # group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
-        # appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
-        # organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
-        # title": "expirable access", "description": "Does not grant access after Sep
-        # 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
-        # ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
-        # members: - user:mike@example.com - group:admins@example.com - domain:google.
-        # com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
-        # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
-        # roles/resourcemanager.organizationViewer condition: title: expirable access
-        # description: Does not grant access after Sep 2020 expression: request.time <
-        # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
-        # description of IAM and its features, see the [IAM documentation](https://cloud.
-        # google.com/iam/docs/).
+        # A `binding` binds one or more `members`, or principals, to a single `role`.
+        # Principals can be user accounts, service accounts, Google groups, and domains (
+        # such as G Suite). A `role` is a named list of permissions; each `role` can be
+        # an IAM predefined role or a user-created custom role. For some types of Google
+        # Cloud resources, a `binding` can also specify a `condition`, which is a
+        # logical expression that allows access to a resource only if the expression
+        # evaluates to `true`. A condition can add constraints based on attributes of
+        # the request, the resource, or both. To learn which resources support
+        # conditions in their IAM policies, see the [IAM documentation](https://cloud.
+        # google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
+        # bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
+        # "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
+        # serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
+        # roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
+        # ], "condition": ` "title": "expirable access", "description": "Does not grant
+        # access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
+        # 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
+        # bindings: - members: - user:mike@example.com - group:admins@example.com -
+        # domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
+        # role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
+        # com role: roles/resourcemanager.organizationViewer condition: title: expirable
+        # access description: Does not grant access after Sep 2020 expression: request.
+        # time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
+        # a description of IAM and its features, see the [IAM documentation](https://
+        # cloud.google.com/iam/docs/).
         # Corresponds to the JSON property `policy`
         # @return [Google::Apis::ComputeV1::Policy]
         attr_accessor :policy
@@ -26149,17 +26744,17 @@ module Google
       class RegionUrlMapsValidateRequest
         include Google::Apis::Core::Hashable
       
-        # Represents a URL Map resource. Google Compute Engine has two URL Map resources:
-        # * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/
-        # docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of
-        # certain types of GCP load balancers and Traffic Director. * urlMaps are used
-        # by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are
-        # used by internal HTTP(S) load balancers. For a list of supported URL map
-        # features by load balancer type, see the Load balancing features: Routing and
+        # Represents a URL Map resource. Compute Engine has two URL Map resources: * [
+        # Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/
+        # reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain
+        # types of cloud load balancers and Traffic Director: * urlMaps are used by
+        # external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used
+        # by internal HTTP(S) load balancers. For a list of supported URL map features
+        # by the load balancer type, see the Load balancing features: Routing and
         # traffic management table. For a list of supported URL map features for Traffic
         # Director, see the Traffic Director features: Routing and traffic management
-        # table. This resource defines mappings from host names and URL paths to either
-        # a backend service or a backend bucket. To use the global urlMaps resource, the
+        # table. This resource defines mappings from hostnames and URL paths to either a
+        # backend service or a backend bucket. To use the global urlMaps resource, the
         # backend service must have a loadBalancingScheme of either EXTERNAL or
         # INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service
         # must have a loadBalancingScheme of INTERNAL_MANAGED. For more information,
@@ -26179,9 +26774,9 @@ module Google
       end
       
       # A policy that specifies how requests intended for the route's backends are
-      # shadowed to a separate mirrored backend service. Loadbalancer does not wait
-      # for responses from the shadow service. Prior to sending traffic to the shadow
-      # service, the host / authority header is suffixed with -shadow.
+      # shadowed to a separate mirrored backend service. The load balancer doesn't
+      # wait for responses from the shadow service. Before sending traffic to the
+      # shadow service, the host or authority header is suffixed with -shadow.
       class RequestMirrorPolicy
         include Google::Apis::Core::Hashable
       
@@ -28341,6 +28936,12 @@ module Google
         # @return [String]
         attr_accessor :enable
       
+        # Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default.
+        # Corresponds to the JSON property `enableIpv6`
+        # @return [Boolean]
+        attr_accessor :enable_ipv6
+        alias_method :enable_ipv6?, :enable_ipv6
+      
         # Name of the interface the BGP peer is associated with.
         # Corresponds to the JSON property `interfaceName`
         # @return [String]
@@ -28352,6 +28953,11 @@ module Google
         # @return [String]
         attr_accessor :ip_address
       
+        # IPv6 address of the interface inside Google Cloud Platform.
+        # Corresponds to the JSON property `ipv6NexthopAddress`
+        # @return [String]
+        attr_accessor :ipv6_nexthop_address
+      
         # [Output Only] The resource that configures and manages this BGP peer. -
         # MANAGED_BY_USER is the default value and can be managed by you or other users -
         # MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud
@@ -28384,6 +28990,11 @@ module Google
         # @return [String]
         attr_accessor :peer_ip_address
       
+        # IPv6 address of the BGP interface outside Google Cloud Platform.
+        # Corresponds to the JSON property `peerIpv6NexthopAddress`
+        # @return [String]
+        attr_accessor :peer_ipv6_nexthop_address
+      
         # URI of the VM instance that is used as third-party router appliances such as
         # Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance
         # must be located in zones contained in the same region as this Cloud Router.
@@ -28404,12 +29015,15 @@ module Google
           @advertised_route_priority = args[:advertised_route_priority] if args.key?(:advertised_route_priority)
           @bfd = args[:bfd] if args.key?(:bfd)
           @enable = args[:enable] if args.key?(:enable)
+          @enable_ipv6 = args[:enable_ipv6] if args.key?(:enable_ipv6)
           @interface_name = args[:interface_name] if args.key?(:interface_name)
           @ip_address = args[:ip_address] if args.key?(:ip_address)
+          @ipv6_nexthop_address = args[:ipv6_nexthop_address] if args.key?(:ipv6_nexthop_address)
           @management_type = args[:management_type] if args.key?(:management_type)
           @name = args[:name] if args.key?(:name)
           @peer_asn = args[:peer_asn] if args.key?(:peer_asn)
           @peer_ip_address = args[:peer_ip_address] if args.key?(:peer_ip_address)
+          @peer_ipv6_nexthop_address = args[:peer_ipv6_nexthop_address] if args.key?(:peer_ipv6_nexthop_address)
           @router_appliance_instance = args[:router_appliance_instance] if args.key?(:router_appliance_instance)
         end
       end
@@ -28689,6 +29303,17 @@ module Google
         # @return [Array<String>]
         attr_accessor :drain_nat_ips
       
+        # Enable Dynamic Port Allocation. If not specified, it is disabled by default.
+        # If set to true, - Dynamic Port Allocation will be enabled on this NAT config. -
+        # enableEndpointIndependentMapping cannot be set to true. - If minPorts is set,
+        # minPortsPerVm must be set to a power of two greater than or equal to 32. If
+        # minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from
+        # this NAT config.
+        # Corresponds to the JSON property `enableDynamicPortAllocation`
+        # @return [Boolean]
+        attr_accessor :enable_dynamic_port_allocation
+        alias_method :enable_dynamic_port_allocation?, :enable_dynamic_port_allocation
+      
         # 
         # Corresponds to the JSON property `enableEndpointIndependentMapping`
         # @return [Boolean]
@@ -28705,6 +29330,17 @@ module Google
         # @return [Google::Apis::ComputeV1::RouterNatLogConfig]
         attr_accessor :log_config
       
+        # Maximum number of ports allocated to a VM from this NAT config when Dynamic
+        # Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this
+        # field has no effect. If Dynamic Port Allocation is enabled, and this field is
+        # set, it must be set to a power of two greater than minPortsPerVm, or 64 if
+        # minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field
+        # is not set, a maximum of 65536 ports will be allocated to a VM from this NAT
+        # config.
+        # Corresponds to the JSON property `maxPortsPerVm`
+        # @return [Fixnum]
+        attr_accessor :max_ports_per_vm
+      
         # Minimum number of ports allocated to a VM from this NAT config. If not set, a
         # default number of ports is allocated to a VM. This is rounded up to the
         # nearest power of 2. For example, if the value of this field is 50, at least 64
@@ -28789,9 +29425,11 @@ module Google
         # Update properties of this object
         def update!(**args)
           @drain_nat_ips = args[:drain_nat_ips] if args.key?(:drain_nat_ips)
+          @enable_dynamic_port_allocation = args[:enable_dynamic_port_allocation] if args.key?(:enable_dynamic_port_allocation)
           @enable_endpoint_independent_mapping = args[:enable_endpoint_independent_mapping] if args.key?(:enable_endpoint_independent_mapping)
           @icmp_idle_timeout_sec = args[:icmp_idle_timeout_sec] if args.key?(:icmp_idle_timeout_sec)
           @log_config = args[:log_config] if args.key?(:log_config)
+          @max_ports_per_vm = args[:max_ports_per_vm] if args.key?(:max_ports_per_vm)
           @min_ports_per_vm = args[:min_ports_per_vm] if args.key?(:min_ports_per_vm)
           @name = args[:name] if args.key?(:name)
           @nat_ip_allocate_option = args[:nat_ip_allocate_option] if args.key?(:nat_ip_allocate_option)
@@ -28856,7 +29494,8 @@ module Google
         # "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.
         # 0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'" The
         # following example is a valid match expression for private NAT: "nexthop.hub ==
-        # '/projects/my-project/global/hub/hub-1'"
+        # 'https://networkconnectivity.googleapis.com/v1alpha1/projects/my-project/
+        # global/hub/hub-1'"
         # Corresponds to the JSON property `match`
         # @return [String]
         attr_accessor :match
@@ -29449,6 +30088,171 @@ module Google
         end
       end
       
+      # DEPRECATED: Please use compute#savedDisk instead. An instance-attached disk
+      # resource.
+      class SavedAttachedDisk
+        include Google::Apis::Core::Hashable
+      
+        # Specifies whether the disk will be auto-deleted when the instance is deleted (
+        # but not when the disk is detached from the instance).
+        # Corresponds to the JSON property `autoDelete`
+        # @return [Boolean]
+        attr_accessor :auto_delete
+        alias_method :auto_delete?, :auto_delete
+      
+        # Indicates that this is a boot disk. The virtual machine will use the first
+        # partition of the disk for its root filesystem.
+        # Corresponds to the JSON property `boot`
+        # @return [Boolean]
+        attr_accessor :boot
+        alias_method :boot?, :boot
+      
+        # Specifies the name of the disk attached to the source instance.
+        # Corresponds to the JSON property `deviceName`
+        # @return [String]
+        attr_accessor :device_name
+      
+        # The encryption key for the disk.
+        # Corresponds to the JSON property `diskEncryptionKey`
+        # @return [Google::Apis::ComputeV1::CustomerEncryptionKey]
+        attr_accessor :disk_encryption_key
+      
+        # The size of the disk in base-2 GB.
+        # Corresponds to the JSON property `diskSizeGb`
+        # @return [Fixnum]
+        attr_accessor :disk_size_gb
+      
+        # [Output Only] URL of the disk type resource. For example: projects/project /
+        # zones/zone/diskTypes/pd-standard or pd-ssd
+        # Corresponds to the JSON property `diskType`
+        # @return [String]
+        attr_accessor :disk_type
+      
+        # A list of features to enable on the guest operating system. Applicable only
+        # for bootable images. Read Enabling guest operating system features to see a
+        # list of available options.
+        # Corresponds to the JSON property `guestOsFeatures`
+        # @return [Array<Google::Apis::ComputeV1::GuestOsFeature>]
+        attr_accessor :guest_os_features
+      
+        # Specifies zero-based index of the disk that is attached to the source instance.
+        # Corresponds to the JSON property `index`
+        # @return [Fixnum]
+        attr_accessor :index
+      
+        # Specifies the disk interface to use for attaching this disk, which is either
+        # SCSI or NVME.
+        # Corresponds to the JSON property `interface`
+        # @return [String]
+        attr_accessor :interface
+      
+        # [Output Only] Type of the resource. Always compute#attachedDisk for attached
+        # disks.
+        # Corresponds to the JSON property `kind`
+        # @return [String]
+        attr_accessor :kind
+      
+        # [Output Only] Any valid publicly visible licenses.
+        # Corresponds to the JSON property `licenses`
+        # @return [Array<String>]
+        attr_accessor :licenses
+      
+        # The mode in which this disk is attached to the source instance, either
+        # READ_WRITE or READ_ONLY.
+        # Corresponds to the JSON property `mode`
+        # @return [String]
+        attr_accessor :mode
+      
+        # Specifies a URL of the disk attached to the source instance.
+        # Corresponds to the JSON property `source`
+        # @return [String]
+        attr_accessor :source
+      
+        # [Output Only] A size of the storage used by the disk's snapshot by this
+        # machine image.
+        # Corresponds to the JSON property `storageBytes`
+        # @return [Fixnum]
+        attr_accessor :storage_bytes
+      
+        # [Output Only] An indicator whether storageBytes is in a stable state or it is
+        # being adjusted as a result of shared storage reallocation. This status can
+        # either be UPDATING, meaning the size of the snapshot is being updated, or
+        # UP_TO_DATE, meaning the size of the snapshot is up-to-date.
+        # Corresponds to the JSON property `storageBytesStatus`
+        # @return [String]
+        attr_accessor :storage_bytes_status
+      
+        # Specifies the type of the attached disk, either SCRATCH or PERSISTENT.
+        # Corresponds to the JSON property `type`
+        # @return [String]
+        attr_accessor :type
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @auto_delete = args[:auto_delete] if args.key?(:auto_delete)
+          @boot = args[:boot] if args.key?(:boot)
+          @device_name = args[:device_name] if args.key?(:device_name)
+          @disk_encryption_key = args[:disk_encryption_key] if args.key?(:disk_encryption_key)
+          @disk_size_gb = args[:disk_size_gb] if args.key?(:disk_size_gb)
+          @disk_type = args[:disk_type] if args.key?(:disk_type)
+          @guest_os_features = args[:guest_os_features] if args.key?(:guest_os_features)
+          @index = args[:index] if args.key?(:index)
+          @interface = args[:interface] if args.key?(:interface)
+          @kind = args[:kind] if args.key?(:kind)
+          @licenses = args[:licenses] if args.key?(:licenses)
+          @mode = args[:mode] if args.key?(:mode)
+          @source = args[:source] if args.key?(:source)
+          @storage_bytes = args[:storage_bytes] if args.key?(:storage_bytes)
+          @storage_bytes_status = args[:storage_bytes_status] if args.key?(:storage_bytes_status)
+          @type = args[:type] if args.key?(:type)
+        end
+      end
+      
+      # An instance-attached disk resource.
+      class SavedDisk
+        include Google::Apis::Core::Hashable
+      
+        # [Output Only] Type of the resource. Always compute#savedDisk for attached
+        # disks.
+        # Corresponds to the JSON property `kind`
+        # @return [String]
+        attr_accessor :kind
+      
+        # Specifies a URL of the disk attached to the source instance.
+        # Corresponds to the JSON property `sourceDisk`
+        # @return [String]
+        attr_accessor :source_disk
+      
+        # [Output Only] Size of the individual disk snapshot used by this machine image.
+        # Corresponds to the JSON property `storageBytes`
+        # @return [Fixnum]
+        attr_accessor :storage_bytes
+      
+        # [Output Only] An indicator whether storageBytes is in a stable state or it is
+        # being adjusted as a result of shared storage reallocation. This status can
+        # either be UPDATING, meaning the size of the snapshot is being updated, or
+        # UP_TO_DATE, meaning the size of the snapshot is up-to-date.
+        # Corresponds to the JSON property `storageBytesStatus`
+        # @return [String]
+        attr_accessor :storage_bytes_status
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @kind = args[:kind] if args.key?(:kind)
+          @source_disk = args[:source_disk] if args.key?(:source_disk)
+          @storage_bytes = args[:storage_bytes] if args.key?(:storage_bytes)
+          @storage_bytes_status = args[:storage_bytes_status] if args.key?(:storage_bytes_status)
+        end
+      end
+      
       # 
       class ScalingScheduleStatus
         include Google::Apis::Core::Hashable
@@ -29498,6 +30302,11 @@ module Google
         attr_accessor :automatic_restart
         alias_method :automatic_restart?, :automatic_restart
       
+        # Specifies the termination action for the instance.
+        # Corresponds to the JSON property `instanceTerminationAction`
+        # @return [String]
+        attr_accessor :instance_termination_action
+      
         # An opaque location hint used to place the instance close to other resources.
         # This field is for use by internal tools that use the public API.
         # Corresponds to the JSON property `locationHint`
@@ -29533,6 +30342,11 @@ module Google
         attr_accessor :preemptible
         alias_method :preemptible?, :preemptible
       
+        # Specifies the provisioning model of the instance.
+        # Corresponds to the JSON property `provisioningModel`
+        # @return [String]
+        attr_accessor :provisioning_model
+      
         def initialize(**args)
            update!(**args)
         end
@@ -29540,11 +30354,13 @@ module Google
         # Update properties of this object
         def update!(**args)
           @automatic_restart = args[:automatic_restart] if args.key?(:automatic_restart)
+          @instance_termination_action = args[:instance_termination_action] if args.key?(:instance_termination_action)
           @location_hint = args[:location_hint] if args.key?(:location_hint)
           @min_node_cpus = args[:min_node_cpus] if args.key?(:min_node_cpus)
           @node_affinities = args[:node_affinities] if args.key?(:node_affinities)
           @on_host_maintenance = args[:on_host_maintenance] if args.key?(:on_host_maintenance)
           @preemptible = args[:preemptible] if args.key?(:preemptible)
+          @provisioning_model = args[:provisioning_model] if args.key?(:provisioning_model)
         end
       end
       
@@ -29706,6 +30522,11 @@ module Google
         # @return [String]
         attr_accessor :name
       
+        # 
+        # Corresponds to the JSON property `recaptchaOptionsConfig`
+        # @return [Google::Apis::ComputeV1::SecurityPolicyRecaptchaOptionsConfig]
+        attr_accessor :recaptcha_options_config
+      
         # A list of rules that belong to this policy. There must always be a default
         # rule (rule with priority 2147483647 and match "*"). If no rules are provided
         # when creating a security policy, a default rule with action "allow" will be
@@ -29719,6 +30540,17 @@ module Google
         # @return [String]
         attr_accessor :self_link
       
+        # The type indicates the intended use of the security policy. CLOUD_ARMOR -
+        # Cloud Armor backend security policies can be configured to filter incoming
+        # HTTP requests targeting backend services. They filter requests before they hit
+        # the origin servers. CLOUD_ARMOR_EDGE - Cloud Armor edge security policies can
+        # be configured to filter incoming HTTP requests targeting backend services (
+        # including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They
+        # filter requests before the request is served from Google's cache.
+        # Corresponds to the JSON property `type`
+        # @return [String]
+        attr_accessor :type
+      
         def initialize(**args)
            update!(**args)
         end
@@ -29733,8 +30565,10 @@ module Google
           @id = args[:id] if args.key?(:id)
           @kind = args[:kind] if args.key?(:kind)
           @name = args[:name] if args.key?(:name)
+          @recaptcha_options_config = args[:recaptcha_options_config] if args.key?(:recaptcha_options_config)
           @rules = args[:rules] if args.key?(:rules)
           @self_link = args[:self_link] if args.key?(:self_link)
+          @type = args[:type] if args.key?(:type)
         end
       end
       
@@ -29921,6 +30755,29 @@ module Google
         end
       end
       
+      # 
+      class SecurityPolicyRecaptchaOptionsConfig
+        include Google::Apis::Core::Hashable
+      
+        # An optional field to supply a reCAPTCHA site key to be used for all the rules
+        # using the redirect action with the type of GOOGLE_RECAPTCHA under the security
+        # policy. The specified site key needs to be created from the reCAPTCHA API. The
+        # user is responsible for the validity of the specified site key. If not
+        # specified, a Google-managed site key is used.
+        # Corresponds to the JSON property `redirectSiteKey`
+        # @return [String]
+        attr_accessor :redirect_site_key
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @redirect_site_key = args[:redirect_site_key] if args.key?(:redirect_site_key)
+        end
+      end
+      
       # 
       class SecurityPolicyReference
         include Google::Apis::Core::Hashable
@@ -29945,9 +30802,17 @@ module Google
       class SecurityPolicyRule
         include Google::Apis::Core::Hashable
       
-        # The Action to perform when the client connection triggers the rule. Can
-        # currently be either "allow" or "deny()" where valid values for status are 403,
-        # 404, and 502.
+        # The Action to perform when the rule is matched. The following are the valid
+        # actions: - allow: allow access to target. - deny(): deny access to target,
+        # returns the HTTP response code specified (valid values are 403, 404, and 502).
+        # - rate_based_ban: limit client traffic to the configured threshold and ban the
+        # client if the traffic exceeds the threshold. Configure parameters for this
+        # action in RateLimitOptions. Requires rate_limit_options to be set. - redirect:
+        # redirect to a different target. This can either be an internal reCAPTCHA
+        # redirect, or an external URL-based redirect via a 302 response. Parameters for
+        # this action can be configured via redirectOptions. - throttle: limit client
+        # traffic to the configured threshold. Configure parameters for this action in
+        # rateLimitOptions. Requires rate_limit_options to be set for this.
         # Corresponds to the JSON property `action`
         # @return [String]
         attr_accessor :action
@@ -29958,6 +30823,11 @@ module Google
         # @return [String]
         attr_accessor :description
       
+        # Optional, additional actions that are performed on headers.
+        # Corresponds to the JSON property `headerAction`
+        # @return [Google::Apis::ComputeV1::SecurityPolicyRuleHttpHeaderAction]
+        attr_accessor :header_action
+      
         # [Output only] Type of the resource. Always compute#securityPolicyRule for
         # security policy rules
         # Corresponds to the JSON property `kind`
@@ -29984,6 +30854,18 @@ module Google
         # @return [Fixnum]
         attr_accessor :priority
       
+        # Must be specified if the action is "rate_based_ban" or "throttle". Cannot be
+        # specified for any other actions.
+        # Corresponds to the JSON property `rateLimitOptions`
+        # @return [Google::Apis::ComputeV1::SecurityPolicyRuleRateLimitOptions]
+        attr_accessor :rate_limit_options
+      
+        # Parameters defining the redirect action. Cannot be specified for any other
+        # actions.
+        # Corresponds to the JSON property `redirectOptions`
+        # @return [Google::Apis::ComputeV1::SecurityPolicyRuleRedirectOptions]
+        attr_accessor :redirect_options
+      
         def initialize(**args)
            update!(**args)
         end
@@ -29992,10 +30874,57 @@ module Google
         def update!(**args)
           @action = args[:action] if args.key?(:action)
           @description = args[:description] if args.key?(:description)
+          @header_action = args[:header_action] if args.key?(:header_action)
           @kind = args[:kind] if args.key?(:kind)
           @match = args[:match] if args.key?(:match)
           @preview = args[:preview] if args.key?(:preview)
           @priority = args[:priority] if args.key?(:priority)
+          @rate_limit_options = args[:rate_limit_options] if args.key?(:rate_limit_options)
+          @redirect_options = args[:redirect_options] if args.key?(:redirect_options)
+        end
+      end
+      
+      # 
+      class SecurityPolicyRuleHttpHeaderAction
+        include Google::Apis::Core::Hashable
+      
+        # The list of request headers to add or overwrite if they're already present.
+        # Corresponds to the JSON property `requestHeadersToAdds`
+        # @return [Array<Google::Apis::ComputeV1::SecurityPolicyRuleHttpHeaderActionHttpHeaderOption>]
+        attr_accessor :request_headers_to_adds
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @request_headers_to_adds = args[:request_headers_to_adds] if args.key?(:request_headers_to_adds)
+        end
+      end
+      
+      # 
+      class SecurityPolicyRuleHttpHeaderActionHttpHeaderOption
+        include Google::Apis::Core::Hashable
+      
+        # The name of the header to set.
+        # Corresponds to the JSON property `headerName`
+        # @return [String]
+        attr_accessor :header_name
+      
+        # The value to set the named header to.
+        # Corresponds to the JSON property `headerValue`
+        # @return [String]
+        attr_accessor :header_value
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @header_name = args[:header_name] if args.key?(:header_name)
+          @header_value = args[:header_value] if args.key?(:header_value)
         end
       end
       
@@ -30069,6 +30998,144 @@ module Google
         end
       end
       
+      # 
+      class SecurityPolicyRuleRateLimitOptions
+        include Google::Apis::Core::Hashable
+      
+        # Can only be specified if the action for the rule is "rate_based_ban". If
+        # specified, determines the time (in seconds) the traffic will continue to be
+        # banned by the rate limit after the rate falls below the threshold.
+        # Corresponds to the JSON property `banDurationSec`
+        # @return [Fixnum]
+        attr_accessor :ban_duration_sec
+      
+        # Can only be specified if the action for the rule is "rate_based_ban". If
+        # specified, the key will be banned for the configured 'ban_duration_sec' when
+        # the number of requests that exceed the 'rate_limit_threshold' also exceed this
+        # 'ban_threshold'.
+        # Corresponds to the JSON property `banThreshold`
+        # @return [Google::Apis::ComputeV1::SecurityPolicyRuleRateLimitOptionsThreshold]
+        attr_accessor :ban_threshold
+      
+        # Action to take for requests that are under the configured rate limit threshold.
+        # Valid option is "allow" only.
+        # Corresponds to the JSON property `conformAction`
+        # @return [String]
+        attr_accessor :conform_action
+      
+        # Determines the key to enforce the rate_limit_threshold on. Possible values are:
+        # - ALL: A single rate limit threshold is applied to all the requests matching
+        # this rule. This is the default value if this field 'enforce_on_key' is not
+        # configured. - IP: The source IP address of the request is the key. Each IP has
+        # this limit enforced separately. - HTTP_HEADER: The value of the HTTP header
+        # whose name is configured under "enforce_on_key_name". The key value is
+        # truncated to the first 128 bytes of the header value. If no such header is
+        # present in the request, the key type defaults to ALL. - XFF_IP: The first IP
+        # address (i.e. the originating client IP address) specified in the list of IPs
+        # under X-Forwarded-For HTTP header. If no such header is present or the value
+        # is not a valid IP, the key type defaults to ALL. - HTTP_COOKIE: The value of
+        # the HTTP cookie whose name is configured under "enforce_on_key_name". The key
+        # value is truncated to the first 128 bytes of the cookie value. If no such
+        # cookie is present in the request, the key type defaults to ALL.
+        # Corresponds to the JSON property `enforceOnKey`
+        # @return [String]
+        attr_accessor :enforce_on_key
+      
+        # Rate limit key name applicable only for the following key types: HTTP_HEADER --
+        # Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE --
+        # Name of the HTTP cookie whose value is taken as the key value.
+        # Corresponds to the JSON property `enforceOnKeyName`
+        # @return [String]
+        attr_accessor :enforce_on_key_name
+      
+        # Action to take for requests that are above the configured rate limit threshold,
+        # to either deny with a specified HTTP response code, or redirect to a
+        # different endpoint. Valid options are "deny()" where valid values for status
+        # are 403, 404, 429, and 502, and "redirect" where the redirect parameters come
+        # from exceed_redirect_options below.
+        # Corresponds to the JSON property `exceedAction`
+        # @return [String]
+        attr_accessor :exceed_action
+      
+        # Parameters defining the redirect action that is used as the exceed action.
+        # Cannot be specified if the exceed action is not redirect.
+        # Corresponds to the JSON property `exceedRedirectOptions`
+        # @return [Google::Apis::ComputeV1::SecurityPolicyRuleRedirectOptions]
+        attr_accessor :exceed_redirect_options
+      
+        # Threshold at which to begin ratelimiting.
+        # Corresponds to the JSON property `rateLimitThreshold`
+        # @return [Google::Apis::ComputeV1::SecurityPolicyRuleRateLimitOptionsThreshold]
+        attr_accessor :rate_limit_threshold
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @ban_duration_sec = args[:ban_duration_sec] if args.key?(:ban_duration_sec)
+          @ban_threshold = args[:ban_threshold] if args.key?(:ban_threshold)
+          @conform_action = args[:conform_action] if args.key?(:conform_action)
+          @enforce_on_key = args[:enforce_on_key] if args.key?(:enforce_on_key)
+          @enforce_on_key_name = args[:enforce_on_key_name] if args.key?(:enforce_on_key_name)
+          @exceed_action = args[:exceed_action] if args.key?(:exceed_action)
+          @exceed_redirect_options = args[:exceed_redirect_options] if args.key?(:exceed_redirect_options)
+          @rate_limit_threshold = args[:rate_limit_threshold] if args.key?(:rate_limit_threshold)
+        end
+      end
+      
+      # 
+      class SecurityPolicyRuleRateLimitOptionsThreshold
+        include Google::Apis::Core::Hashable
+      
+        # Number of HTTP(S) requests for calculating the threshold.
+        # Corresponds to the JSON property `count`
+        # @return [Fixnum]
+        attr_accessor :count
+      
+        # Interval over which the threshold is computed.
+        # Corresponds to the JSON property `intervalSec`
+        # @return [Fixnum]
+        attr_accessor :interval_sec
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @count = args[:count] if args.key?(:count)
+          @interval_sec = args[:interval_sec] if args.key?(:interval_sec)
+        end
+      end
+      
+      # 
+      class SecurityPolicyRuleRedirectOptions
+        include Google::Apis::Core::Hashable
+      
+        # Target for the redirect action. This is required if the type is EXTERNAL_302
+        # and cannot be specified for GOOGLE_RECAPTCHA.
+        # Corresponds to the JSON property `target`
+        # @return [String]
+        attr_accessor :target
+      
+        # Type of the redirect action.
+        # Corresponds to the JSON property `type`
+        # @return [String]
+        attr_accessor :type
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @target = args[:target] if args.key?(:target)
+          @type = args[:type] if args.key?(:type)
+        end
+      end
+      
       # The authentication and authorization settings for a BackendService.
       class SecuritySettings
         include Google::Apis::Core::Hashable
@@ -30246,6 +31313,13 @@ module Google
         # @return [String]
         attr_accessor :description
       
+        # If specified, the domain name will be used during the integration between the
+        # PSC connected endpoints and the Cloud DNS. For example, this is a valid domain
+        # name: "p.mycompany.com.". Current max number of domain names supported is 1.
+        # Corresponds to the JSON property `domainNames`
+        # @return [Array<String>]
+        attr_accessor :domain_names
+      
         # If true, enable the proxy protocol which is for supplying client TCP/IP
         # address data in TCP connections that traverse proxies on their way to
         # destination servers.
@@ -30334,6 +31408,7 @@ module Google
           @consumer_reject_lists = args[:consumer_reject_lists] if args.key?(:consumer_reject_lists)
           @creation_timestamp = args[:creation_timestamp] if args.key?(:creation_timestamp)
           @description = args[:description] if args.key?(:description)
+          @domain_names = args[:domain_names] if args.key?(:domain_names)
           @enable_proxy_protocol = args[:enable_proxy_protocol] if args.key?(:enable_proxy_protocol)
           @fingerprint = args[:fingerprint] if args.key?(:fingerprint)
           @id = args[:id] if args.key?(:id)
@@ -30740,6 +31815,12 @@ module Google
       class ShareSettings
         include Google::Apis::Core::Hashable
       
+        # A map of project id and project config. This is only valid when share_type's
+        # value is SPECIFIC_PROJECTS.
+        # Corresponds to the JSON property `projectMap`
+        # @return [Hash<String,Google::Apis::ComputeV1::ShareSettingsProjectConfig>]
+        attr_accessor :project_map
+      
         # Type of sharing for this shared-reservation
         # Corresponds to the JSON property `shareType`
         # @return [String]
@@ -30751,10 +31832,31 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @project_map = args[:project_map] if args.key?(:project_map)
           @share_type = args[:share_type] if args.key?(:share_type)
         end
       end
       
+      # Config for each project in the share settings.
+      class ShareSettingsProjectConfig
+        include Google::Apis::Core::Hashable
+      
+        # The project ID, should be same as the key of this project config in the parent
+        # map.
+        # Corresponds to the JSON property `projectId`
+        # @return [String]
+        attr_accessor :project_id
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @project_id = args[:project_id] if args.key?(:project_id)
+        end
+      end
+      
       # A set of Shielded Instance options.
       class ShieldedInstanceConfig
         include Google::Apis::Core::Hashable
@@ -31220,6 +32322,35 @@ module Google
         end
       end
       
+      # 
+      class SourceDiskEncryptionKey
+        include Google::Apis::Core::Hashable
+      
+        # The customer-supplied encryption key of the source disk. Required if the
+        # source disk is protected by a customer-supplied encryption key.
+        # Corresponds to the JSON property `diskEncryptionKey`
+        # @return [Google::Apis::ComputeV1::CustomerEncryptionKey]
+        attr_accessor :disk_encryption_key
+      
+        # URL of the disk attached to the source instance. This can be a full or valid
+        # partial URL. For example, the following are valid values: - https://www.
+        # googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/
+        # project/zones/zone/disks/disk - zones/zone/disks/disk
+        # Corresponds to the JSON property `sourceDisk`
+        # @return [String]
+        attr_accessor :source_disk
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @disk_encryption_key = args[:disk_encryption_key] if args.key?(:disk_encryption_key)
+          @source_disk = args[:source_disk] if args.key?(:source_disk)
+        end
+      end
+      
       # A specification of the parameters to use when creating the instance template
       # from a source instance.
       class SourceInstanceParams
@@ -31243,6 +32374,116 @@ module Google
         end
       end
       
+      # DEPRECATED: Please use compute#instanceProperties instead. New properties will
+      # not be added to this field.
+      class SourceInstanceProperties
+        include Google::Apis::Core::Hashable
+      
+        # Enables instances created based on this machine image to send packets with
+        # source IP addresses other than their own and receive packets with destination
+        # IP addresses other than their own. If these instances will be used as an IP
+        # gateway or it will be set as the next-hop in a Route resource, specify true.
+        # If unsure, leave this set to false. See the Enable IP forwarding documentation
+        # for more information.
+        # Corresponds to the JSON property `canIpForward`
+        # @return [Boolean]
+        attr_accessor :can_ip_forward
+        alias_method :can_ip_forward?, :can_ip_forward
+      
+        # Whether the instance created from this machine image should be protected
+        # against deletion.
+        # Corresponds to the JSON property `deletionProtection`
+        # @return [Boolean]
+        attr_accessor :deletion_protection
+        alias_method :deletion_protection?, :deletion_protection
+      
+        # An optional text description for the instances that are created from this
+        # machine image.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        # An array of disks that are associated with the instances that are created from
+        # this machine image.
+        # Corresponds to the JSON property `disks`
+        # @return [Array<Google::Apis::ComputeV1::SavedAttachedDisk>]
+        attr_accessor :disks
+      
+        # A list of guest accelerator cards' type and count to use for instances created
+        # from this machine image.
+        # Corresponds to the JSON property `guestAccelerators`
+        # @return [Array<Google::Apis::ComputeV1::AcceleratorConfig>]
+        attr_accessor :guest_accelerators
+      
+        # Labels to apply to instances that are created from this machine image.
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # The machine type to use for instances that are created from this machine image.
+        # Corresponds to the JSON property `machineType`
+        # @return [String]
+        attr_accessor :machine_type
+      
+        # A metadata key/value entry.
+        # Corresponds to the JSON property `metadata`
+        # @return [Google::Apis::ComputeV1::Metadata]
+        attr_accessor :metadata
+      
+        # Minimum cpu/platform to be used by instances created from this machine image.
+        # The instance may be scheduled on the specified or newer cpu/platform.
+        # Applicable values are the friendly names of CPU platforms, such as
+        # minCpuPlatform: "Intel Haswell" or minCpuPlatform: "Intel Sandy Bridge". For
+        # more information, read Specifying a Minimum CPU Platform.
+        # Corresponds to the JSON property `minCpuPlatform`
+        # @return [String]
+        attr_accessor :min_cpu_platform
+      
+        # An array of network access configurations for this interface.
+        # Corresponds to the JSON property `networkInterfaces`
+        # @return [Array<Google::Apis::ComputeV1::NetworkInterface>]
+        attr_accessor :network_interfaces
+      
+        # Sets the scheduling options for an Instance. NextID: 21
+        # Corresponds to the JSON property `scheduling`
+        # @return [Google::Apis::ComputeV1::Scheduling]
+        attr_accessor :scheduling
+      
+        # A list of service accounts with specified scopes. Access tokens for these
+        # service accounts are available to the instances that are created from this
+        # machine image. Use metadata queries to obtain the access tokens for these
+        # instances.
+        # Corresponds to the JSON property `serviceAccounts`
+        # @return [Array<Google::Apis::ComputeV1::ServiceAccount>]
+        attr_accessor :service_accounts
+      
+        # A set of instance tags.
+        # Corresponds to the JSON property `tags`
+        # @return [Google::Apis::ComputeV1::Tags]
+        attr_accessor :tags
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @can_ip_forward = args[:can_ip_forward] if args.key?(:can_ip_forward)
+          @deletion_protection = args[:deletion_protection] if args.key?(:deletion_protection)
+          @description = args[:description] if args.key?(:description)
+          @disks = args[:disks] if args.key?(:disks)
+          @guest_accelerators = args[:guest_accelerators] if args.key?(:guest_accelerators)
+          @labels = args[:labels] if args.key?(:labels)
+          @machine_type = args[:machine_type] if args.key?(:machine_type)
+          @metadata = args[:metadata] if args.key?(:metadata)
+          @min_cpu_platform = args[:min_cpu_platform] if args.key?(:min_cpu_platform)
+          @network_interfaces = args[:network_interfaces] if args.key?(:network_interfaces)
+          @scheduling = args[:scheduling] if args.key?(:scheduling)
+          @service_accounts = args[:service_accounts] if args.key?(:service_accounts)
+          @tags = args[:tags] if args.key?(:tags)
+        end
+      end
+      
       # Represents an SSL Certificate resource. Google Compute Engine has two SSL
       # Certificate resources: * [Global](/compute/docs/reference/rest/v1/
       # sslCertificates) * [Regional](/compute/docs/reference/rest/v1/
@@ -32171,8 +33412,9 @@ module Google
       
         # Whether to enable flow logging for this subnetwork. If this field is not
         # explicitly set, it will not appear in get listings. If not set the default
-        # behavior is to disable flow logging. This field isn't supported with the
-        # purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
+        # behavior is determined by the org policy, if there is no org policy specified,
+        # then it will default to disabled. This field isn't supported with the purpose
+        # field set to INTERNAL_HTTPS_LOAD_BALANCER.
         # Corresponds to the JSON property `enableFlowLogs`
         # @return [Boolean]
         attr_accessor :enable_flow_logs
@@ -32226,7 +33468,7 @@ module Google
         attr_accessor :ipv6_access_type
       
         # [Output Only] The range of internal IPv6 addresses that are owned by this
-        # subnetwork.
+        # subnetwork. Note this will be for private google access only eventually.
         # Corresponds to the JSON property `ipv6CidrRange`
         # @return [String]
         attr_accessor :ipv6_cidr_range
@@ -32619,7 +33861,8 @@ module Google
       
         # Whether to enable flow logging for this subnetwork. If this field is not
         # explicitly set, it will not appear in get listings. If not set the default
-        # behavior is to disable flow logging.
+        # behavior is determined by the org policy, if there is no org policy specified,
+        # then it will default to disabled.
         # Corresponds to the JSON property `enable`
         # @return [Boolean]
         attr_accessor :enable
@@ -32634,8 +33877,8 @@ module Google
         # Can only be specified if VPC flow logging for this subnetwork is enabled. The
         # value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs
         # within the subnetwork where 1.0 means all collected logs are reported and 0.0
-        # means no logs are reported. Default is 0.5, which means half of all collected
-        # logs are reported.
+        # means no logs are reported. Default is 0.5 unless otherwise specified by the
+        # org policy, which means half of all collected logs are reported.
         # Corresponds to the JSON property `flowSampling`
         # @return [Float]
         attr_accessor :flow_sampling
@@ -36017,7 +37260,7 @@ module Google
       class TestFailure
         include Google::Apis::Core::Hashable
       
-        # The actual output URL evaluated by load balancer containing the scheme, host,
+        # The actual output URL evaluated by a load balancer containing the scheme, host,
         # path and query parameters.
         # Corresponds to the JSON property `actualOutputUrl`
         # @return [String]
@@ -36034,8 +37277,8 @@ module Google
         # @return [String]
         attr_accessor :actual_service
       
-        # The expected output URL evaluated by load balancer containing the scheme, host,
-        # path and query parameters.
+        # The expected output URL evaluated by a load balancer containing the scheme,
+        # host, path and query parameters.
         # Corresponds to the JSON property `expectedOutputUrl`
         # @return [String]
         attr_accessor :expected_output_url
@@ -36149,17 +37392,17 @@ module Google
         end
       end
       
-      # Represents a URL Map resource. Google Compute Engine has two URL Map resources:
-      # * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/
-      # docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of
-      # certain types of GCP load balancers and Traffic Director. * urlMaps are used
-      # by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are
-      # used by internal HTTP(S) load balancers. For a list of supported URL map
-      # features by load balancer type, see the Load balancing features: Routing and
+      # Represents a URL Map resource. Compute Engine has two URL Map resources: * [
+      # Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/
+      # reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain
+      # types of cloud load balancers and Traffic Director: * urlMaps are used by
+      # external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used
+      # by internal HTTP(S) load balancers. For a list of supported URL map features
+      # by the load balancer type, see the Load balancing features: Routing and
       # traffic management table. For a list of supported URL map features for Traffic
       # Director, see the Traffic Director features: Routing and traffic management
-      # table. This resource defines mappings from host names and URL paths to either
-      # a backend service or a backend bucket. To use the global urlMaps resource, the
+      # table. This resource defines mappings from hostnames and URL paths to either a
+      # backend service or a backend bucket. To use the global urlMaps resource, the
       # backend service must have a loadBalancingScheme of either EXTERNAL or
       # INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service
       # must have a loadBalancingScheme of INTERNAL_MANAGED. For more information,
@@ -36173,28 +37416,28 @@ module Google
         attr_accessor :creation_timestamp
       
         # defaultRouteAction takes effect when none of the hostRules match. The load
-        # balancer performs advanced routing actions like URL rewrites, header
-        # transformations, etc. prior to forwarding the request to the selected backend.
-        # If defaultRouteAction specifies any weightedBackendServices, defaultService
-        # must not be set. Conversely if defaultService is set, defaultRouteAction
-        # cannot contain any weightedBackendServices. Only one of defaultRouteAction or
+        # balancer performs advanced routing actions, such as URL rewrites and header
+        # transformations, before forwarding the request to the selected backend. If
+        # defaultRouteAction specifies any weightedBackendServices, defaultService must
+        # not be set. Conversely if defaultService is set, defaultRouteAction cannot
+        # contain any weightedBackendServices. Only one of defaultRouteAction or
         # defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers
         # support only the urlRewrite action within defaultRouteAction.
-        # defaultRouteAction has no effect when the URL map is bound to target gRPC
-        # proxy that has validateForProxyless field set to true.
+        # defaultRouteAction has no effect when the URL map is bound to a target gRPC
+        # proxy that has the validateForProxyless field set to true.
         # Corresponds to the JSON property `defaultRouteAction`
         # @return [Google::Apis::ComputeV1::HttpRouteAction]
         attr_accessor :default_route_action
       
         # The full or partial URL of the defaultService resource to which traffic is
-        # directed if none of the hostRules match. If defaultRouteAction is additionally
-        # specified, advanced routing actions like URL Rewrites, etc. take effect prior
-        # to sending the request to the backend. However, if defaultService is specified,
+        # directed if none of the hostRules match. If defaultRouteAction is also
+        # specified, advanced routing actions, such as URL rewrites, take effect before
+        # sending the request to the backend. However, if defaultService is specified,
         # defaultRouteAction cannot contain any weightedBackendServices. Conversely, if
         # routeAction specifies any weightedBackendServices, service must not be
-        # specified. Only one of defaultService, defaultUrlRedirect or
+        # specified. Only one of defaultService, defaultUrlRedirect , or
         # defaultRouteAction.weightedBackendService must be set. defaultService has no
-        # effect when the URL map is bound to target gRPC proxy that has
+        # effect when the URL map is bound to a target gRPC proxy that has the
         # validateForProxyless field set to true.
         # Corresponds to the JSON property `defaultService`
         # @return [String]
@@ -36212,11 +37455,10 @@ module Google
         attr_accessor :description
       
         # Fingerprint of this resource. A hash of the contents stored in this object.
-        # This field is used in optimistic locking. This field will be ignored when
-        # inserting a UrlMap. An up-to-date fingerprint must be provided in order to
-        # update the UrlMap, otherwise the request will fail with error 412
-        # conditionNotMet. To see the latest fingerprint, make a get() request to
-        # retrieve a UrlMap.
+        # This field is used in optimistic locking. This field is ignored when inserting
+        # a UrlMap. An up-to-date fingerprint must be provided in order to update the
+        # UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see
+        # the latest fingerprint, make a get() request to retrieve a UrlMap.
         # Corresponds to the JSON property `fingerprint`
         # NOTE: Values are automatically base64 encoded/decoded in the client library.
         # @return [String]
@@ -36228,7 +37470,7 @@ module Google
         # @return [Google::Apis::ComputeV1::HttpHeaderAction]
         attr_accessor :header_action
       
-        # The list of HostRules to use against the URL.
+        # The list of host rules to use against the URL.
         # Corresponds to the JSON property `hostRules`
         # @return [Array<Google::Apis::ComputeV1::HostRule>]
         attr_accessor :host_rules
@@ -36271,10 +37513,10 @@ module Google
         # @return [String]
         attr_accessor :self_link
       
-        # The list of expected URL mapping tests. Request to update this UrlMap will
-        # succeed only if all of the test cases pass. You can specify a maximum of 100
-        # tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy
-        # that has validateForProxyless field set to true.
+        # The list of expected URL mapping tests. Request to update the UrlMap succeeds
+        # only if all test cases pass. You can specify a maximum of 100 tests per UrlMap.
+        # Not supported when the URL map is bound to a target gRPC proxy that has
+        # validateForProxyless field set to true.
         # Corresponds to the JSON property `tests`
         # @return [Array<Google::Apis::ComputeV1::UrlMapTest>]
         attr_accessor :tests
@@ -36448,18 +37690,18 @@ module Google
         # @return [String]
         attr_accessor :description
       
-        # The expected output URL evaluated by load balancer containing the scheme, host,
-        # path and query parameters. For rules that forward requests to backends, the
-        # test passes only when expectedOutputUrl matches the request forwarded by load
-        # balancer to backends. For rules with urlRewrite, the test verifies that the
-        # forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite
-        # action. When service is specified, expectedOutputUrl`s scheme is ignored. For
-        # rules with urlRedirect, the test passes only if expectedOutputUrl matches the
-        # URL in the load balancer's redirect response. If urlRedirect specifies
-        # https_redirect, the test passes only if the scheme in expectedOutputUrl is
-        # also set to https. If urlRedirect specifies strip_query, the test passes only
-        # if expectedOutputUrl does not contain any query parameters. expectedOutputUrl
-        # is optional when service is specified.
+        # The expected output URL evaluated by the load balancer containing the scheme,
+        # host, path and query parameters. For rules that forward requests to backends,
+        # the test passes only when expectedOutputUrl matches the request forwarded by
+        # the load balancer to backends. For rules with urlRewrite, the test verifies
+        # that the forwarded request matches hostRewrite and pathPrefixRewrite in the
+        # urlRewrite action. When service is specified, expectedOutputUrl`s scheme is
+        # ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl
+        # matches the URL in the load balancer's redirect response. If urlRedirect
+        # specifies https_redirect, the test passes only if the scheme in
+        # expectedOutputUrl is also set to HTTPS. If urlRedirect specifies strip_query,
+        # the test passes only if expectedOutputUrl does not contain any query
+        # parameters. expectedOutputUrl is optional when service is specified.
         # Corresponds to the JSON property `expectedOutputUrl`
         # @return [String]
         attr_accessor :expected_output_url
@@ -36490,7 +37732,8 @@ module Google
         attr_accessor :path
       
         # Expected BackendService or BackendBucket resource the given URL should be
-        # mapped to. service cannot be set if expectedRedirectResponseCode is set.
+        # mapped to. The service field cannot be set if expectedRedirectResponseCode is
+        # set.
         # Corresponds to the JSON property `service`
         # @return [String]
         attr_accessor :service
@@ -36795,17 +38038,17 @@ module Google
       class ValidateUrlMapsRequest
         include Google::Apis::Core::Hashable
       
-        # Represents a URL Map resource. Google Compute Engine has two URL Map resources:
-        # * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/
-        # docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of
-        # certain types of GCP load balancers and Traffic Director. * urlMaps are used
-        # by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are
-        # used by internal HTTP(S) load balancers. For a list of supported URL map
-        # features by load balancer type, see the Load balancing features: Routing and
+        # Represents a URL Map resource. Compute Engine has two URL Map resources: * [
+        # Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/
+        # reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain
+        # types of cloud load balancers and Traffic Director: * urlMaps are used by
+        # external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used
+        # by internal HTTP(S) load balancers. For a list of supported URL map features
+        # by the load balancer type, see the Load balancing features: Routing and
         # traffic management table. For a list of supported URL map features for Traffic
         # Director, see the Traffic Director features: Routing and traffic management
-        # table. This resource defines mappings from host names and URL paths to either
-        # a backend service or a backend bucket. To use the global urlMaps resource, the
+        # table. This resource defines mappings from hostnames and URL paths to either a
+        # backend service or a backend bucket. To use the global urlMaps resource, the
         # backend service must have a loadBalancingScheme of either EXTERNAL or
         # INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service
         # must have a loadBalancingScheme of INTERNAL_MANAGED. For more information,
@@ -36848,16 +38091,16 @@ module Google
       class UrlRewrite
         include Google::Apis::Core::Hashable
       
-        # Prior to forwarding the request to the selected service, the request's host
-        # header is replaced with contents of hostRewrite. The value must be between 1
-        # and 255 characters.
+        # Before forwarding the request to the selected service, the request's host
+        # header is replaced with contents of hostRewrite. The value must be from 1 to
+        # 255 characters.
         # Corresponds to the JSON property `hostRewrite`
         # @return [String]
         attr_accessor :host_rewrite
       
-        # Prior to forwarding the request to the selected backend service, the matching
+        # Before forwarding the request to the selected backend service, the matching
         # portion of the request's path is replaced by pathPrefixRewrite. The value must
-        # be between 1 and 1024 characters.
+        # be from 1 to 1024 characters.
         # Corresponds to the JSON property `pathPrefixRewrite`
         # @return [String]
         attr_accessor :path_prefix_rewrite
@@ -37367,6 +38610,12 @@ module Google
         # @return [String]
         attr_accessor :self_link
       
+        # The stack type for this VPN gateway to identify the IP protocols that are
+        # enabled. If not specified, IPV4_ONLY will be used.
+        # Corresponds to the JSON property `stackType`
+        # @return [String]
+        attr_accessor :stack_type
+      
         # The list of VPN interfaces associated with this VPN gateway.
         # Corresponds to the JSON property `vpnInterfaces`
         # @return [Array<Google::Apis::ComputeV1::VpnGatewayVpnGatewayInterface>]
@@ -37388,6 +38637,7 @@ module Google
           @network = args[:network] if args.key?(:network)
           @region = args[:region] if args.key?(:region)
           @self_link = args[:self_link] if args.key?(:self_link)
+          @stack_type = args[:stack_type] if args.key?(:stack_type)
           @vpn_interfaces = args[:vpn_interfaces] if args.key?(:vpn_interfaces)
         end
       end
@@ -38490,14 +39740,13 @@ module Google
       
       # In contrast to a single BackendService in HttpRouteAction to which all
       # matching traffic is directed to, WeightedBackendService allows traffic to be
-      # split across multiple BackendServices. The volume of traffic for each
-      # BackendService is proportional to the weight specified in each
-      # WeightedBackendService
+      # split across multiple backend services. The volume of traffic for each backend
+      # service is proportional to the weight specified in each WeightedBackendService
       class WeightedBackendService
         include Google::Apis::Core::Hashable
       
         # The full or partial URL to the default BackendService resource. Before
-        # forwarding the request to backendService, the loadbalancer applies any
+        # forwarding the request to backendService, the load balancer applies any
         # relevant headerActions specified as part of this backendServiceWeight.
         # Corresponds to the JSON property `backendService`
         # @return [String]
@@ -38509,12 +39758,12 @@ module Google
         # @return [Google::Apis::ComputeV1::HttpHeaderAction]
         attr_accessor :header_action
       
-        # Specifies the fraction of traffic sent to backendService, computed as weight /
-        # (sum of all weightedBackendService weights in routeAction) . The selection of
-        # a backend service is determined only for new traffic. Once a user's request
-        # has been directed to a backendService, subsequent requests will be sent to the
-        # same backendService as determined by the BackendService's session affinity
-        # policy. The value must be between 0 and 1000
+        # Specifies the fraction of traffic sent to a backend service, computed as
+        # weight / (sum of all weightedBackendService weights in routeAction) . The
+        # selection of a backend service is determined only for new traffic. Once a user'
+        # s request has been directed to a backend service, subsequent requests are sent
+        # to the same backend service as determined by the backend service's session
+        # affinity policy. The value must be from 0 to 1000.
         # Corresponds to the JSON property `weight`
         # @return [Fixnum]
         attr_accessor :weight
@@ -38924,31 +40173,31 @@ module Google
       
         # An Identity and Access Management (IAM) policy, which specifies access
         # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
-        # A `binding` binds one or more `members` to a single `role`. Members can be
-        # user accounts, service accounts, Google groups, and domains (such as G Suite).
-        # A `role` is a named list of permissions; each `role` can be an IAM predefined
-        # role or a user-created custom role. For some types of Google Cloud resources,
-        # a `binding` can also specify a `condition`, which is a logical expression that
-        # allows access to a resource only if the expression evaluates to `true`. A
-        # condition can add constraints based on attributes of the request, the resource,
-        # or both. To learn which resources support conditions in their IAM policies,
-        # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
-        # resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
-        # resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
-        # group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
-        # appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
-        # organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
-        # title": "expirable access", "description": "Does not grant access after Sep
-        # 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
-        # ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
-        # members: - user:mike@example.com - group:admins@example.com - domain:google.
-        # com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
-        # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
-        # roles/resourcemanager.organizationViewer condition: title: expirable access
-        # description: Does not grant access after Sep 2020 expression: request.time <
-        # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
-        # description of IAM and its features, see the [IAM documentation](https://cloud.
-        # google.com/iam/docs/).
+        # A `binding` binds one or more `members`, or principals, to a single `role`.
+        # Principals can be user accounts, service accounts, Google groups, and domains (
+        # such as G Suite). A `role` is a named list of permissions; each `role` can be
+        # an IAM predefined role or a user-created custom role. For some types of Google
+        # Cloud resources, a `binding` can also specify a `condition`, which is a
+        # logical expression that allows access to a resource only if the expression
+        # evaluates to `true`. A condition can add constraints based on attributes of
+        # the request, the resource, or both. To learn which resources support
+        # conditions in their IAM policies, see the [IAM documentation](https://cloud.
+        # google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
+        # bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
+        # "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
+        # serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
+        # roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
+        # ], "condition": ` "title": "expirable access", "description": "Does not grant
+        # access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
+        # 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
+        # bindings: - members: - user:mike@example.com - group:admins@example.com -
+        # domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
+        # role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
+        # com role: roles/resourcemanager.organizationViewer condition: title: expirable
+        # access description: Does not grant access after Sep 2020 expression: request.
+        # time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
+        # a description of IAM and its features, see the [IAM documentation](https://
+        # cloud.google.com/iam/docs/).
         # Corresponds to the JSON property `policy`
         # @return [Google::Apis::ComputeV1::Policy]
         attr_accessor :policy