google-apis-gkehub_v1alpha 0.12.0 → 0.16.0

data/lib/google/apis/gkehub_v1alpha/classes.rb

@@ -22,6 +22,38 @@ module Google
   module Apis
     module GkehubV1alpha
       
+      # Spec for App Dev Experience Feature.
+      class AppDevExperienceFeatureSpec
+        include Google::Apis::Core::Hashable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+        end
+      end
+      
+      # State for App Dev Exp Feature.
+      class AppDevExperienceFeatureState
+        include Google::Apis::Core::Hashable
+      
+        # Status specifies state for the subcomponent.
+        # Corresponds to the JSON property `networkingInstallSucceeded`
+        # @return [Google::Apis::GkehubV1alpha::Status]
+        attr_accessor :networking_install_succeeded
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @networking_install_succeeded = args[:networking_install_succeeded] if args.key?(:networking_install_succeeded)
+        end
+      end
+      
       # Specifies the audit configuration for a service. The configuration determines
       # which permission types are logged, and what identities, if any, are exempted
       # from logging. An AuditConfig must have one or more AuditLogConfigs. If there
@@ -147,7 +179,7 @@ module Google
         end
       end
       
-      # Associates `members` with a `role`.
+      # Associates `members`, or principals, with a `role`.
       class Binding
         include Google::Apis::Core::Hashable
       
@@ -170,7 +202,7 @@ module Google
         # @return [Google::Apis::GkehubV1alpha::Expr]
         attr_accessor :condition
       
-        # Specifies the identities requesting access for a Cloud Platform resource. `
+        # Specifies the principals requesting access for a Cloud Platform resource. `
         # members` can have the following values: * `allUsers`: A special identifier
         # that represents anyone who is on the internet; with or without a Google
         # account. * `allAuthenticatedUsers`: A special identifier that represents
@@ -200,8 +232,8 @@ module Google
         # @return [Array<String>]
         attr_accessor :members
       
-        # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`
-        # , or `roles/owner`.
+        # Role that is assigned to the list of `members`, or principals. For example, `
+        # roles/viewer`, `roles/editor`, or `roles/owner`.
         # Corresponds to the JSON property `role`
         # @return [String]
         attr_accessor :role
@@ -258,6 +290,11 @@ module Google
       class CommonFeatureSpec
         include Google::Apis::Core::Hashable
       
+        # Spec for App Dev Experience Feature.
+        # Corresponds to the JSON property `appdevexperience`
+        # @return [Google::Apis::GkehubV1alpha::AppDevExperienceFeatureSpec]
+        attr_accessor :appdevexperience
+      
         # **Cloud Audit Logging**: Spec for Audit Logging Allowlisting.
         # Corresponds to the JSON property `cloudauditlogging`
         # @return [Google::Apis::GkehubV1alpha::CloudAuditLoggingFeatureSpec]
@@ -275,6 +312,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @appdevexperience = args[:appdevexperience] if args.key?(:appdevexperience)
           @cloudauditlogging = args[:cloudauditlogging] if args.key?(:cloudauditlogging)
           @multiclusteringress = args[:multiclusteringress] if args.key?(:multiclusteringress)
         end
@@ -284,6 +322,11 @@ module Google
       class CommonFeatureState
         include Google::Apis::Core::Hashable
       
+        # State for App Dev Exp Feature.
+        # Corresponds to the JSON property `appdevexperience`
+        # @return [Google::Apis::GkehubV1alpha::AppDevExperienceFeatureState]
+        attr_accessor :appdevexperience
+      
         # **Service Mesh**: State for the whole Hub, as analyzed by the Service Mesh Hub
         # Controller.
         # Corresponds to the JSON property `servicemesh`
@@ -303,6 +346,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @appdevexperience = args[:appdevexperience] if args.key?(:appdevexperience)
           @servicemesh = args[:servicemesh] if args.key?(:servicemesh)
           @state = args[:state] if args.key?(:state)
         end
@@ -391,6 +435,14 @@ module Google
         # @return [Google::Apis::GkehubV1alpha::ConfigManagementGitConfig]
         attr_accessor :git
       
+        # Set to true to enable the Config Sync admission webhook to prevent drifts. If
+        # set to `false`, disables the Config Sync admission webhook and does not
+        # prevent drifts.
+        # Corresponds to the JSON property `preventDrift`
+        # @return [Boolean]
+        attr_accessor :prevent_drift
+        alias_method :prevent_drift?, :prevent_drift
+      
         # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured”
         # mode.
         # Corresponds to the JSON property `sourceFormat`
@@ -405,6 +457,7 @@ module Google
         def update!(**args)
           @enabled = args[:enabled] if args.key?(:enabled)
           @git = args[:git] if args.key?(:git)
+          @prevent_drift = args[:prevent_drift] if args.key?(:prevent_drift)
           @source_format = args[:source_format] if args.key?(:source_format)
         end
       end
@@ -639,7 +692,9 @@ module Google
         # @return [String]
         attr_accessor :policy_dir
       
-        # Type of secret configured for access to the Git repo.
+        # Type of secret configured for access to the Git repo. Must be one of ssh,
+        # cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this
+        # is case-sensitive. Required.
         # Corresponds to the JSON property `secretType`
         # @return [String]
         attr_accessor :secret_type
@@ -1173,6 +1228,33 @@ module Google
         end
       end
       
+      # ConnectAgentResource represents a Kubernetes resource manifest for Connect
+      # Agent deployment.
+      class ConnectAgentResource
+        include Google::Apis::Core::Hashable
+      
+        # YAML manifest of the resource.
+        # Corresponds to the JSON property `manifest`
+        # @return [String]
+        attr_accessor :manifest
+      
+        # TypeMeta is the type information needed for content unmarshalling of
+        # Kubernetes resources in the manifest.
+        # Corresponds to the JSON property `type`
+        # @return [Google::Apis::GkehubV1alpha::TypeMeta]
+        attr_accessor :type
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @manifest = args[:manifest] if args.key?(:manifest)
+          @type = args[:type] if args.key?(:type)
+        end
+      end
+      
       # A generic empty message that you can re-use to avoid defining duplicated empty
       # messages in your APIs. A typical example is to use it as the request or the
       # response type of an API method. For instance: service Foo ` rpc Bar(google.
@@ -1389,6 +1471,93 @@ module Google
         end
       end
       
+      # Fleet contains the Fleet-wide metadata and configuration.
+      class Fleet
+        include Google::Apis::Core::Hashable
+      
+        # Output only. When the Fleet was created.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Output only. When the Fleet was deleted.
+        # Corresponds to the JSON property `deleteTime`
+        # @return [String]
+        attr_accessor :delete_time
+      
+        # Optional. A user-assigned display name of the Fleet. When present, it must be
+        # between 4 to 30 characters. Allowed characters are: lowercase and uppercase
+        # letters, numbers, hyphen, single-quote, double-quote, space, and exclamation
+        # point. Example: `Production Fleet`
+        # Corresponds to the JSON property `displayName`
+        # @return [String]
+        attr_accessor :display_name
+      
+        # The name for the fleet. The name must meet the following constraints: + The
+        # name of a fleet should be unique within the organization; + It must consist of
+        # lower case alphanumeric characters or `-`; + The length of the name must be
+        # less than or equal to 63; + Unicode names must be expressed in Punycode format
+        # (rfc3492). Examples: + prod-fleet + xn--wlq33vhyw9jb （Punycode form for "生产环境")
+        # Corresponds to the JSON property `fleetName`
+        # @return [String]
+        attr_accessor :fleet_name
+      
+        # Output only. The full, unique resource name of this fleet in the format of `
+        # projects/`project`/locations/`location`/fleets/`fleet``. Each GCP project can
+        # have at most one fleet resource, named "default".
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Output only. Google-generated UUID for this resource. This is unique across
+        # all Fleet resources. If a Fleet resource is deleted and another resource with
+        # the same name is created, it gets a different uid.
+        # Corresponds to the JSON property `uid`
+        # @return [String]
+        attr_accessor :uid
+      
+        # Output only. When the Fleet was last updated.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @delete_time = args[:delete_time] if args.key?(:delete_time)
+          @display_name = args[:display_name] if args.key?(:display_name)
+          @fleet_name = args[:fleet_name] if args.key?(:fleet_name)
+          @name = args[:name] if args.key?(:name)
+          @uid = args[:uid] if args.key?(:uid)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
+      # GenerateConnectManifestResponse contains manifest information for installing/
+      # upgrading a Connect agent.
+      class GenerateConnectManifestResponse
+        include Google::Apis::Core::Hashable
+      
+        # The ordered list of Kubernetes resources that need to be applied to the
+        # cluster for GKE Connect agent installation/upgrade.
+        # Corresponds to the JSON property `manifest`
+        # @return [Array<Google::Apis::GkehubV1alpha::ConnectAgentResource>]
+        attr_accessor :manifest
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @manifest = args[:manifest] if args.key?(:manifest)
+        end
+      end
+      
       # GkeCluster contains information specific to GKE clusters.
       class GkeCluster
         include Google::Apis::Core::Hashable
@@ -1685,6 +1854,61 @@ module Google
         end
       end
       
+      # KubernetesResource contains the YAML manifests and configuration for
+      # Membership Kubernetes resources in the cluster. After CreateMembership or
+      # UpdateMembership, these resources should be re-applied in the cluster.
+      class KubernetesResource
+        include Google::Apis::Core::Hashable
+      
+        # Output only. The Kubernetes resources for installing the GKE Connect agent
+        # This field is only populated in the Membership returned from a successful long-
+        # running operation from CreateMembership or UpdateMembership. It is not
+        # populated during normal GetMembership or ListMemberships requests. To get the
+        # resource manifest after the initial registration, the caller should make a
+        # UpdateMembership call with an empty field mask.
+        # Corresponds to the JSON property `connectResources`
+        # @return [Array<Google::Apis::GkehubV1alpha::ResourceManifest>]
+        attr_accessor :connect_resources
+      
+        # Input only. The YAML representation of the Membership CR. This field is
+        # ignored for GKE clusters where Hub can read the CR directly. Callers should
+        # provide the CR that is currently present in the cluster during
+        # CreateMembership or UpdateMembership, or leave this field empty if none exists.
+        # The CR manifest is used to validate the cluster has not been registered with
+        # another Membership.
+        # Corresponds to the JSON property `membershipCrManifest`
+        # @return [String]
+        attr_accessor :membership_cr_manifest
+      
+        # Output only. Additional Kubernetes resources that need to be applied to the
+        # cluster after Membership creation, and after every update. This field is only
+        # populated in the Membership returned from a successful long-running operation
+        # from CreateMembership or UpdateMembership. It is not populated during normal
+        # GetMembership or ListMemberships requests. To get the resource manifest after
+        # the initial registration, the caller should make a UpdateMembership call with
+        # an empty field mask.
+        # Corresponds to the JSON property `membershipResources`
+        # @return [Array<Google::Apis::GkehubV1alpha::ResourceManifest>]
+        attr_accessor :membership_resources
+      
+        # ResourceOptions represent options for Kubernetes resource generation.
+        # Corresponds to the JSON property `resourceOptions`
+        # @return [Google::Apis::GkehubV1alpha::ResourceOptions]
+        attr_accessor :resource_options
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @connect_resources = args[:connect_resources] if args.key?(:connect_resources)
+          @membership_cr_manifest = args[:membership_cr_manifest] if args.key?(:membership_cr_manifest)
+          @membership_resources = args[:membership_resources] if args.key?(:membership_resources)
+          @resource_options = args[:resource_options] if args.key?(:resource_options)
+        end
+      end
+      
       # Response message for the `GkeHub.ListAdminClusterMemberships` method.
       class ListAdminClusterMembershipsResponse
         include Google::Apis::Core::Hashable
@@ -1769,6 +1993,39 @@ module Google
         end
       end
       
+      # Response message for the `GkeHub.ListMemberships` method.
+      class ListMembershipsResponse
+        include Google::Apis::Core::Hashable
+      
+        # A token to request the next page of resources from the `ListMemberships`
+        # method. The value of an empty string means that there are no more resources to
+        # return.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # The list of matching Memberships.
+        # Corresponds to the JSON property `resources`
+        # @return [Array<Google::Apis::GkehubV1alpha::Membership>]
+        attr_accessor :resources
+      
+        # List of locations that could not be reached while fetching this list.
+        # Corresponds to the JSON property `unreachable`
+        # @return [Array<String>]
+        attr_accessor :unreachable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @resources = args[:resources] if args.key?(:resources)
+          @unreachable = args[:unreachable] if args.key?(:unreachable)
+        end
+      end
+      
       # The response message for Operations.ListOperations.
       class ListOperationsResponse
         include Google::Apis::Core::Hashable
@@ -1960,6 +2217,13 @@ module Google
         # @return [Google::Apis::GkehubV1alpha::KubernetesMetadata]
         attr_accessor :kubernetes_metadata
       
+        # KubernetesResource contains the YAML manifests and configuration for
+        # Membership Kubernetes resources in the cluster. After CreateMembership or
+        # UpdateMembership, these resources should be re-applied in the cluster.
+        # Corresponds to the JSON property `kubernetesResource`
+        # @return [Google::Apis::GkehubV1alpha::KubernetesResource]
+        attr_accessor :kubernetes_resource
+      
         # MultiCloudCluster contains information specific to GKE Multi-Cloud clusters.
         # Corresponds to the JSON property `multiCloudCluster`
         # @return [Google::Apis::GkehubV1alpha::MultiCloudCluster]
@@ -1978,6 +2242,7 @@ module Google
         def update!(**args)
           @gke_cluster = args[:gke_cluster] if args.key?(:gke_cluster)
           @kubernetes_metadata = args[:kubernetes_metadata] if args.key?(:kubernetes_metadata)
+          @kubernetes_resource = args[:kubernetes_resource] if args.key?(:kubernetes_resource)
           @multi_cloud_cluster = args[:multi_cloud_cluster] if args.key?(:multi_cloud_cluster)
           @on_prem_cluster = args[:on_prem_cluster] if args.key?(:on_prem_cluster)
         end
@@ -1999,6 +2264,11 @@ module Google
         # @return [Google::Apis::GkehubV1alpha::IdentityServiceMembershipSpec]
         attr_accessor :identityservice
       
+        # **Service Mesh**: Spec for a single Membership for the servicemesh feature
+        # Corresponds to the JSON property `mesh`
+        # @return [Google::Apis::GkehubV1alpha::ServiceMeshMembershipSpec]
+        attr_accessor :mesh
+      
         def initialize(**args)
            update!(**args)
         end
@@ -2007,6 +2277,7 @@ module Google
         def update!(**args)
           @configmanagement = args[:configmanagement] if args.key?(:configmanagement)
           @identityservice = args[:identityservice] if args.key?(:identityservice)
+          @mesh = args[:mesh] if args.key?(:mesh)
         end
       end
       
@@ -2015,6 +2286,11 @@ module Google
       class MembershipFeatureState
         include Google::Apis::Core::Hashable
       
+        # State for App Dev Exp Feature.
+        # Corresponds to the JSON property `appdevexperience`
+        # @return [Google::Apis::GkehubV1alpha::AppDevExperienceFeatureState]
+        attr_accessor :appdevexperience
+      
         # **Anthos Config Management**: State for a single cluster.
         # Corresponds to the JSON property `configmanagement`
         # @return [Google::Apis::GkehubV1alpha::ConfigManagementMembershipState]
@@ -2049,6 +2325,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @appdevexperience = args[:appdevexperience] if args.key?(:appdevexperience)
           @configmanagement = args[:configmanagement] if args.key?(:configmanagement)
           @identityservice = args[:identityservice] if args.key?(:identityservice)
           @metering = args[:metering] if args.key?(:metering)
@@ -2321,31 +2598,31 @@ module Google
       
       # An Identity and Access Management (IAM) policy, which specifies access
       # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
-      # A `binding` binds one or more `members` to a single `role`. Members can be
-      # user accounts, service accounts, Google groups, and domains (such as G Suite).
-      # A `role` is a named list of permissions; each `role` can be an IAM predefined
-      # role or a user-created custom role. For some types of Google Cloud resources,
-      # a `binding` can also specify a `condition`, which is a logical expression that
-      # allows access to a resource only if the expression evaluates to `true`. A
-      # condition can add constraints based on attributes of the request, the resource,
-      # or both. To learn which resources support conditions in their IAM policies,
-      # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
-      # resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
-      # resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
-      # group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
-      # appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
-      # organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
-      # title": "expirable access", "description": "Does not grant access after Sep
-      # 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
-      # ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
-      # members: - user:mike@example.com - group:admins@example.com - domain:google.
-      # com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
-      # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
-      # roles/resourcemanager.organizationViewer condition: title: expirable access
-      # description: Does not grant access after Sep 2020 expression: request.time <
-      # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
-      # description of IAM and its features, see the [IAM documentation](https://cloud.
-      # google.com/iam/docs/).
+      # A `binding` binds one or more `members`, or principals, to a single `role`.
+      # Principals can be user accounts, service accounts, Google groups, and domains (
+      # such as G Suite). A `role` is a named list of permissions; each `role` can be
+      # an IAM predefined role or a user-created custom role. For some types of Google
+      # Cloud resources, a `binding` can also specify a `condition`, which is a
+      # logical expression that allows access to a resource only if the expression
+      # evaluates to `true`. A condition can add constraints based on attributes of
+      # the request, the resource, or both. To learn which resources support
+      # conditions in their IAM policies, see the [IAM documentation](https://cloud.
+      # google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
+      # bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
+      # "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
+      # serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
+      # roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
+      # ], "condition": ` "title": "expirable access", "description": "Does not grant
+      # access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
+      # 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
+      # bindings: - members: - user:mike@example.com - group:admins@example.com -
+      # domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
+      # role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
+      # com role: roles/resourcemanager.organizationViewer condition: title: expirable
+      # access description: Does not grant access after Sep 2020 expression: request.
+      # time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
+      # a description of IAM and its features, see the [IAM documentation](https://
+      # cloud.google.com/iam/docs/).
       class Policy
         include Google::Apis::Core::Hashable
       
@@ -2354,9 +2631,14 @@ module Google
         # @return [Array<Google::Apis::GkehubV1alpha::AuditConfig>]
         attr_accessor :audit_configs
       
-        # Associates a list of `members` to a `role`. Optionally, may specify a `
-        # condition` that determines how and when the `bindings` are applied. Each of
-        # the `bindings` must contain at least one member.
+        # Associates a list of `members`, or principals, with a `role`. Optionally, may
+        # specify a `condition` that determines how and when the `bindings` are applied.
+        # Each of the `bindings` must contain at least one principal. The `bindings` in
+        # a `Policy` can refer to up to 1,500 principals; up to 250 of these principals
+        # can be Google groups. Each occurrence of a principal counts towards these
+        # limits. For example, if the `bindings` grant 50 different roles to `user:alice@
+        # example.com`, and not to any other principal, then you can add another 1,450
+        # principals to the `bindings` in the `Policy`.
         # Corresponds to the JSON property `bindings`
         # @return [Array<Google::Apis::GkehubV1alpha::Binding>]
         attr_accessor :bindings
@@ -2409,6 +2691,65 @@ module Google
         end
       end
       
+      # ResourceManifest represents a single Kubernetes resource to be applied to the
+      # cluster.
+      class ResourceManifest
+        include Google::Apis::Core::Hashable
+      
+        # Whether the resource provided in the manifest is `cluster_scoped`. If unset,
+        # the manifest is assumed to be namespace scoped. This field is used for REST
+        # mapping when applying the resource in a cluster.
+        # Corresponds to the JSON property `clusterScoped`
+        # @return [Boolean]
+        attr_accessor :cluster_scoped
+        alias_method :cluster_scoped?, :cluster_scoped
+      
+        # YAML manifest of the resource.
+        # Corresponds to the JSON property `manifest`
+        # @return [String]
+        attr_accessor :manifest
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @cluster_scoped = args[:cluster_scoped] if args.key?(:cluster_scoped)
+          @manifest = args[:manifest] if args.key?(:manifest)
+        end
+      end
+      
+      # ResourceOptions represent options for Kubernetes resource generation.
+      class ResourceOptions
+        include Google::Apis::Core::Hashable
+      
+        # Optional. The Connect agent version to use for connect_resources. Defaults to
+        # the latest GKE Connect version. The version must be a currently supported
+        # version, obsolete versions will be rejected.
+        # Corresponds to the JSON property `connectVersion`
+        # @return [String]
+        attr_accessor :connect_version
+      
+        # Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for
+        # CustomResourceDefinition resources. This option should be set for clusters
+        # with Kubernetes apiserver versions <1.16.
+        # Corresponds to the JSON property `v1beta1Crd`
+        # @return [Boolean]
+        attr_accessor :v1beta1_crd
+        alias_method :v1beta1_crd?, :v1beta1_crd
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @connect_version = args[:connect_version] if args.key?(:connect_version)
+          @v1beta1_crd = args[:v1beta1_crd] if args.key?(:v1beta1_crd)
+        end
+      end
+      
       # AnalysisMessage is a single message produced by an analyzer, and it used to
       # communicate to the end user about the state of their Service Mesh
       # configuration.
@@ -2511,6 +2852,19 @@ module Google
         end
       end
       
+      # **Service Mesh**: Spec for a single Membership for the servicemesh feature
+      class ServiceMeshMembershipSpec
+        include Google::Apis::Core::Hashable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+        end
+      end
+      
       # **Service Mesh**: State for a single Membership, as analyzed by the Service
       # Mesh Hub Controller.
       class ServiceMeshMembershipState
@@ -2570,31 +2924,31 @@ module Google
       
         # An Identity and Access Management (IAM) policy, which specifies access
         # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
-        # A `binding` binds one or more `members` to a single `role`. Members can be
-        # user accounts, service accounts, Google groups, and domains (such as G Suite).
-        # A `role` is a named list of permissions; each `role` can be an IAM predefined
-        # role or a user-created custom role. For some types of Google Cloud resources,
-        # a `binding` can also specify a `condition`, which is a logical expression that
-        # allows access to a resource only if the expression evaluates to `true`. A
-        # condition can add constraints based on attributes of the request, the resource,
-        # or both. To learn which resources support conditions in their IAM policies,
-        # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
-        # resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
-        # resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
-        # group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
-        # appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
-        # organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
-        # title": "expirable access", "description": "Does not grant access after Sep
-        # 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
-        # ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
-        # members: - user:mike@example.com - group:admins@example.com - domain:google.
-        # com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
-        # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
-        # roles/resourcemanager.organizationViewer condition: title: expirable access
-        # description: Does not grant access after Sep 2020 expression: request.time <
-        # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
-        # description of IAM and its features, see the [IAM documentation](https://cloud.
-        # google.com/iam/docs/).
+        # A `binding` binds one or more `members`, or principals, to a single `role`.
+        # Principals can be user accounts, service accounts, Google groups, and domains (
+        # such as G Suite). A `role` is a named list of permissions; each `role` can be
+        # an IAM predefined role or a user-created custom role. For some types of Google
+        # Cloud resources, a `binding` can also specify a `condition`, which is a
+        # logical expression that allows access to a resource only if the expression
+        # evaluates to `true`. A condition can add constraints based on attributes of
+        # the request, the resource, or both. To learn which resources support
+        # conditions in their IAM policies, see the [IAM documentation](https://cloud.
+        # google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
+        # bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
+        # "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
+        # serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
+        # roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
+        # ], "condition": ` "title": "expirable access", "description": "Does not grant
+        # access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
+        # 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
+        # bindings: - members: - user:mike@example.com - group:admins@example.com -
+        # domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
+        # role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
+        # com role: roles/resourcemanager.organizationViewer condition: title: expirable
+        # access description: Does not grant access after Sep 2020 expression: request.
+        # time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
+        # a description of IAM and its features, see the [IAM documentation](https://
+        # cloud.google.com/iam/docs/).
         # Corresponds to the JSON property `policy`
         # @return [Google::Apis::GkehubV1alpha::Policy]
         attr_accessor :policy
@@ -2617,6 +2971,31 @@ module Google
         end
       end
       
+      # Status specifies state for the subcomponent.
+      class Status
+        include Google::Apis::Core::Hashable
+      
+        # Code specifies AppDevExperienceFeature's subcomponent ready state.
+        # Corresponds to the JSON property `code`
+        # @return [String]
+        attr_accessor :code
+      
+        # Description is populated if Code is Failed, explaining why it has failed.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @code = args[:code] if args.key?(:code)
+          @description = args[:description] if args.key?(:description)
+        end
+      end
+      
       # Request message for `TestIamPermissions` method.
       class TestIamPermissionsRequest
         include Google::Apis::Core::Hashable
@@ -2656,6 +3035,32 @@ module Google
           @permissions = args[:permissions] if args.key?(:permissions)
         end
       end
+      
+      # TypeMeta is the type information needed for content unmarshalling of
+      # Kubernetes resources in the manifest.
+      class TypeMeta
+        include Google::Apis::Core::Hashable
+      
+        # APIVersion of the resource (e.g. v1).
+        # Corresponds to the JSON property `apiVersion`
+        # @return [String]
+        attr_accessor :api_version
+      
+        # Kind of the resource (e.g. Deployment).
+        # Corresponds to the JSON property `kind`
+        # @return [String]
+        attr_accessor :kind
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @api_version = args[:api_version] if args.key?(:api_version)
+          @kind = args[:kind] if args.key?(:kind)
+        end
+      end
     end
   end
 end