google-api-python-client 2.147.0__py2.py3-none-any.whl → 2.149.0__py2.py3-none-any.whl

googleapiclient/discovery_cache/documents/networkmanagement.v1beta1.json

@@ -758,7 +758,7 @@
 }
 }
 },
-"revision": "20240911",
+"revision": "20240918",
 "rootUrl": "https://networkmanagement.googleapis.com/",
 "schemas": {
 "AbortInfo": {
@@ -1340,7 +1340,8 @@ false
 "REDIS_CLUSTER_NO_EXTERNAL_IP",
 "REDIS_CLUSTER_UNSUPPORTED_PROTOCOL",
 "NO_ADVERTISED_ROUTE_TO_GCP_DESTINATION",
-"NO_TRAFFIC_SELECTOR_TO_GCP_DESTINATION"
+"NO_TRAFFIC_SELECTOR_TO_GCP_DESTINATION",
+"NO_KNOWN_ROUTE_FROM_PEERED_NETWORK_TO_DESTINATION"
 ],
 "enumDescriptions": [
 "Cause is unspecified.",
@@ -1424,7 +1425,8 @@ false
 "Redis Cluster does not have an external IP address.",
 "Packet is dropped due to an unsupported protocol being used to connect to a Redis Cluster. Only TCP connections are accepted by a Redis Cluster.",
 "Packet from the non-GCP (on-prem) or unknown GCP network is dropped due to the destination IP address not belonging to any IP prefix advertised via BGP by the Cloud Router.",
-"Packet from the non-GCP (on-prem) or unknown GCP network is dropped due to the destination IP address not belonging to any IP prefix included to the local traffic selector of the VPN tunnel."
+"Packet from the non-GCP (on-prem) or unknown GCP network is dropped due to the destination IP address not belonging to any IP prefix included to the local traffic selector of the VPN tunnel.",
+"Packet from the unknown peered network is dropped due to no known route from the source network to the destination IP address."
 ],
 "type": "string"
 },
@@ -2826,7 +2828,8 @@ false
 "PEERING_SUBNET",
 "PEERING_STATIC",
 "PEERING_DYNAMIC",
-"POLICY_BASED"
+"POLICY_BASED",
+"ADVERTISED"
 ],
 "enumDescriptions": [
 "Unspecified type. Default value.",
@@ -2836,7 +2839,8 @@ false
 "A subnet route received from peering network.",
 "A static route received from peering network.",
 "A dynamic route received from peering network.",
-"Policy based route."
+"Policy based route.",
+"Advertised route. Synthetic route which is used to transition from the StartFromPrivateNetwork state in Connectivity tests."
 ],
 "type": "string"
 },

googleapiclient/discovery_cache/documents/networksecurity.v1.json

@@ -3253,7 +3253,7 @@
 }
 }
 },
-"revision": "20240828",
+"revision": "20240919",
 "rootUrl": "https://networksecurity.googleapis.com/",
 "schemas": {
 "AddAddressGroupItemsRequest": {
@@ -3492,6 +3492,17 @@
 },
 "type": "object"
 },
+"CustomMirroringProfile": {
+"description": "CustomMirroringProfile defines an action for mirroring traffic to a collector's EndpointGroup",
+"id": "CustomMirroringProfile",
+"properties": {
+"mirroringEndpointGroup": {
+"description": "Required. The MirroringEndpointGroup to which traffic associated with the SP should be mirrored.",
+"type": "string"
+}
+},
+"type": "object"
+},
 "Destination": {
 "description": "Specification of traffic destination attributes.",
 "id": "Destination",
@@ -4527,6 +4538,10 @@
 "readOnly": true,
 "type": "string"
 },
+"customMirroringProfile": {
+"$ref": "CustomMirroringProfile",
+"description": "The custom Packet Mirroring v2 configuration for the SecurityProfile."
+},
 "description": {
 "description": "Optional. An optional description of the profile. Max length 512 characters.",
 "type": "string"
@@ -4555,11 +4570,13 @@
 "description": "Immutable. The single ProfileType that the SecurityProfile resource configures.",
 "enum": [
 "PROFILE_TYPE_UNSPECIFIED",
-"THREAT_PREVENTION"
+"THREAT_PREVENTION",
+"CUSTOM_MIRRORING"
 ],
 "enumDescriptions": [
 "Profile type not specified.",
-"Profile type for threat prevention."
+"Profile type for threat prevention.",
+"Profile type for packet mirroring v2"
 ],
 "type": "string"
 },
@@ -4582,6 +4599,10 @@
 "readOnly": true,
 "type": "string"
 },
+"customMirroringProfile": {
+"description": "Optional. Reference to a SecurityProfile with the CustomMirroring configuration.",
+"type": "string"
+},
 "description": {
 "description": "Optional. An optional description of the profile group. Max length 2048 characters.",
 "type": "string"

googleapiclient/discovery_cache/documents/networksecurity.v1beta1.json

@@ -1923,7 +1923,7 @@
 "type": "string"
 },
 "updateMask": {
-"description": "Required. Used to specify the fields to be overwritten in the `AuthzPolicy` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field is overwritten if it is in the mask. If the user does not specify a mask, then all fields are overwritten.",
+"description": "Required. Used to specify the fields to be overwritten in the `AuthzPolicy` resource by the update. The fields specified in the `update_mask` are relative to the resource, not the full request. A field is overwritten if it is in the mask. If the user does not specify a mask, then all fields are overwritten.",
 "format": "google-fieldmask",
 "location": "query",
 "type": "string"
@@ -4159,7 +4159,7 @@
 }
 }
 },
-"revision": "20240828",
+"revision": "20240919",
 "rootUrl": "https://networksecurity.googleapis.com/",
 "schemas": {
 "AddAddressGroupItemsRequest": {
@@ -4322,7 +4322,7 @@
 "id": "AuthzPolicy",
 "properties": {
 "action": {
-"description": "Required. Can be one of ALLOW, DENY, CUSTOM. When the action is CUSTOM, customProvider must be specified. When the action is ALLOW, only requests matching the policy will be allowed. When the action is DENY, only requests matching the policy will be denied. When a request arrives, the policies are evaluated in the following order: 1. If there is a CUSTOM policy that matches the request, the CUSTOM policy is evaluated using the custom authorization providers and the request is denied if the provider rejects the request. 2. If there are any DENY policies that match the request, the request is denied. 3. If there are no ALLOW policies for the resource or if any of the ALLOW policies match the request, the request is allowed. 4. Else the request is denied by default if none of the configured AuthzPolicies with ALLOW action match the request.",
+"description": "Required. Can be one of `ALLOW`, `DENY`, `CUSTOM`. When the action is `CUSTOM`, `customProvider` must be specified. When the action is `ALLOW`, only requests matching the policy will be allowed. When the action is `DENY`, only requests matching the policy will be denied. When a request arrives, the policies are evaluated in the following order: 1. If there is a `CUSTOM` policy that matches the request, the `CUSTOM` policy is evaluated using the custom authorization providers and the request is denied if the provider rejects the request. 2. If there are any `DENY` policies that match the request, the request is denied. 3. If there are no `ALLOW` policies for the resource or if any of the `ALLOW` policies match the request, the request is allowed. 4. Else the request is denied by default if none of the configured AuthzPolicies with `ALLOW` action match the request.",
 "enum": [
 "AUTHZ_ACTION_UNSPECIFIED",
 "ALLOW",
@@ -4345,14 +4345,14 @@
 },
 "customProvider": {
 "$ref": "AuthzPolicyCustomProvider",
-"description": "Optional. Required if the action is CUSTOM. Allows delegating authorization decisions to Cloud IAP or to Service Extensions. One of cloudIap or authzExtension must be specified."
+"description": "Optional. Required if the action is `CUSTOM`. Allows delegating authorization decisions to Cloud IAP or to Service Extensions. One of `cloudIap` or `authzExtension` must be specified."
 },
 "description": {
 "description": "Optional. A human-readable description of the resource.",
 "type": "string"
 },
 "httpRules": {
-"description": "Optional. A list of authorization HTTP rules to match against the incoming request. A policy match occurs when at least one HTTP rule matches the request or when no HTTP rules are specified in the policy. At least one HTTP Rule is required for Allow or Deny Action.",
+"description": "Optional. A list of authorization HTTP rules to match against the incoming request. A policy match occurs when at least one HTTP rule matches the request or when no HTTP rules are specified in the policy. At least one HTTP Rule is required for Allow or Deny Action. Limited to 5 rules.",
 "items": {
 "$ref": "AuthzPolicyAuthzRule"
 },
@@ -4413,7 +4413,7 @@
 "type": "array"
 },
 "sources": {
-"description": "Optional. Describes the properties of a request's sources. At least one of sources or notSources must be specified. Limited to 10 sources. A match occurs when ANY source (in sources or notSources) matches the request. Within a single source, the match follows AND semantics across fields and OR semantics within a single field, i.e. a match occurs when ANY principal matches AND ANY ipBlocks match.",
+"description": "Optional. Describes the properties of a request's sources. At least one of sources or notSources must be specified. Limited to 5 sources. A match occurs when ANY source (in sources or notSources) matches the request. Within a single source, the match follows AND semantics across fields and OR semantics within a single field, i.e. a match occurs when ANY principal matches AND ANY ipBlocks match.",
 "items": {
 "$ref": "AuthzPolicyAuthzRuleFromRequestSource"
 },
@@ -4427,14 +4427,14 @@
 "id": "AuthzPolicyAuthzRuleFromRequestSource",
 "properties": {
 "principals": {
-"description": "Optional. A list of identities derived from the client's certificate. This field will not match on a request unless mutual TLS is enabled for the Forwarding rule or Gateway. Each identity is a string whose value is matched against the URI SAN, or DNS SAN or the subject field in the client's certificate. The match can be exact, prefix, suffix or a substring match. One of exact, prefix, suffix or contains must be specified. Limited to 10 principals.",
+"description": "Optional. A list of identities derived from the client's certificate. This field will not match on a request unless mutual TLS is enabled for the Forwarding rule or Gateway. Each identity is a string whose value is matched against the URI SAN, or DNS SAN or the subject field in the client's certificate. The match can be exact, prefix, suffix or a substring match. One of exact, prefix, suffix or contains must be specified. Limited to 5 principals.",
 "items": {
 "$ref": "AuthzPolicyAuthzRuleStringMatch"
 },
 "type": "array"
 },
 "resources": {
-"description": "Optional. A list of resources to match against the resource of the source VM of a request. Limited to 10 resources.",
+"description": "Optional. A list of resources to match against the resource of the source VM of a request. Limited to 5 resources.",
 "items": {
 "$ref": "AuthzPolicyAuthzRuleRequestResource"
 },
@@ -4478,7 +4478,7 @@
 "id": "AuthzPolicyAuthzRuleRequestResourceTagValueIdSet",
 "properties": {
 "ids": {
-"description": "Required. A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. The match follows AND semantics which means all the ids must match. Limited to 10 matches.",
+"description": "Required. A list of resource tag value permanent IDs to match against the resource manager tags value associated with the source VM of a request. The match follows AND semantics which means all the ids must match. Limited to 5 matches.",
 "items": {
 "format": "int64",
 "type": "string"
@@ -4527,7 +4527,7 @@
 "type": "array"
 },
 "operations": {
-"description": "Optional. Describes properties of one or more targets of a request. At least one of operations or notOperations must be specified. Limited to 10 operations. A match occurs when ANY operation (in operations or notOperations) matches. Within an operation, the match follows AND semantics across fields and OR semantics within a field, i.e. a match occurs when ANY path matches AND ANY header matches and ANY method matches.",
+"description": "Optional. Describes properties of one or more targets of a request. At least one of operations or notOperations must be specified. Limited to 5 operations. A match occurs when ANY operation (in operations or notOperations) matches. Within an operation, the match follows AND semantics across fields and OR semantics within a field, i.e. a match occurs when ANY path matches AND ANY header matches and ANY method matches.",
 "items": {
 "$ref": "AuthzPolicyAuthzRuleToRequestOperation"
 },
@@ -4545,7 +4545,7 @@
 "description": "Optional. A list of headers to match against in http header."
 },
 "hosts": {
-"description": "Optional. A list of HTTP Hosts to match against. The match can be one of exact, prefix, suffix, or contains (substring match). Matches are always case sensitive unless the ignoreCase is set. Limited to 10 matches.",
+"description": "Optional. A list of HTTP Hosts to match against. The match can be one of exact, prefix, suffix, or contains (substring match). Matches are always case sensitive unless the ignoreCase is set. Limited to 5 matches.",
 "items": {
 "$ref": "AuthzPolicyAuthzRuleStringMatch"
 },
@@ -4559,7 +4559,7 @@
 "type": "array"
 },
 "paths": {
-"description": "Optional. A list of paths to match against. The match can be one of exact, prefix, suffix, or contains (substring match). Matches are always case sensitive unless the ignoreCase is set. Limited to 10 matches. Note that this path match includes the query parameters. For gRPC services, this should be a fully-qualified name of the form /package.service/method.",
+"description": "Optional. A list of paths to match against. The match can be one of exact, prefix, suffix, or contains (substring match). Matches are always case sensitive unless the ignoreCase is set. Limited to 5 matches. Note that this path match includes the query parameters. For gRPC services, this should be a fully-qualified name of the form /package.service/method.",
 "items": {
 "$ref": "AuthzPolicyAuthzRuleStringMatch"
 },
@@ -4573,7 +4573,7 @@
 "id": "AuthzPolicyAuthzRuleToRequestOperationHeaderSet",
 "properties": {
 "headers": {
-"description": "Required. A list of headers to match against in http header. The match can be one of exact, prefix, suffix, or contains (substring match). The match follows AND semantics which means all the headers must match. Matches are always case sensitive unless the ignoreCase is set. Limited to 10 matches.",
+"description": "Required. A list of headers to match against in http header. The match can be one of exact, prefix, suffix, or contains (substring match). The match follows AND semantics which means all the headers must match. Matches are always case sensitive unless the ignoreCase is set. Limited to 5 matches.",
 "items": {
 "$ref": "AuthzPolicyAuthzRuleHeaderMatch"
 },
@@ -4622,7 +4622,7 @@
 "id": "AuthzPolicyTarget",
 "properties": {
 "loadBalancingScheme": {
-"description": "Required. All gateways and forwarding rules referenced by this policy and extensions must share the same load balancing scheme. Supported values: `INTERNAL_MANAGED` and `EXTERNAL_MANAGED`. For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service).",
+"description": "Required. All gateways and forwarding rules referenced by this policy and extensions must share the same load balancing scheme. Supported values: `INTERNAL_MANAGED` and `EXTERNAL_MANAGED`. For more information, refer to [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service).",
 "enum": [
 "LOAD_BALANCING_SCHEME_UNSPECIFIED",
 "INTERNAL_MANAGED",
@@ -4728,6 +4728,17 @@
 },
 "type": "object"
 },
+"CustomMirroringProfile": {
+"description": "CustomMirroringProfile defines an action for mirroring traffic to a collector's EndpointGroup",
+"id": "CustomMirroringProfile",
+"properties": {
+"mirroringEndpointGroup": {
+"description": "Required. The MirroringEndpointGroup to which traffic associated with the SP should be mirrored.",
+"type": "string"
+}
+},
+"type": "object"
+},
 "Destination": {
 "description": "Specification of traffic destination attributes.",
 "id": "Destination",
@@ -5880,7 +5891,7 @@
 "type": "object"
 },
 "MirroringEndpointGroup": {
-"description": "Message describing MirroringEndpointGroup object",
+"description": "Message describing MirroringEndpointGroup object. Next ID: 10",
 "id": "MirroringEndpointGroup",
 "properties": {
 "createTime": {
@@ -6170,6 +6181,10 @@
 "readOnly": true,
 "type": "string"
 },
+"customMirroringProfile": {
+"$ref": "CustomMirroringProfile",
+"description": "The custom Packet Mirroring v2 configuration for the SecurityProfile."
+},
 "description": {
 "description": "Optional. An optional description of the profile. Max length 512 characters.",
 "type": "string"
@@ -6198,11 +6213,13 @@
 "description": "Immutable. The single ProfileType that the SecurityProfile resource configures.",
 "enum": [
 "PROFILE_TYPE_UNSPECIFIED",
-"THREAT_PREVENTION"
+"THREAT_PREVENTION",
+"CUSTOM_MIRRORING"
 ],
 "enumDescriptions": [
 "Profile type not specified.",
-"Profile type for threat prevention."
+"Profile type for threat prevention.",
+"Profile type for packet mirroring v2"
 ],
 "type": "string"
 },
@@ -6225,6 +6242,10 @@
 "readOnly": true,
 "type": "string"
 },
+"customMirroringProfile": {
+"description": "Optional. Reference to a SecurityProfile with the CustomMirroring configuration.",
+"type": "string"
+},
 "description": {
 "description": "Optional. An optional description of the profile group. Max length 2048 characters.",
 "type": "string"

googleapiclient/discovery_cache/documents/networkservices.v1.json

@@ -1241,7 +1241,7 @@
 "type": "string"
 },
 "updateMask": {
-"description": "Optional. Used to specify the fields to be overwritten in the `LbRouteExtension` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field is overwritten if it is in the mask. If the user does not specify a mask, then all fields are overwritten.",
+"description": "Optional. Used to specify the fields to be overwritten in the `LbRouteExtension` resource by the update. The fields specified in the `update_mask` are relative to the resource, not the full request. A field is overwritten if it is in the mask. If the user does not specify a mask, then all fields are overwritten.",
 "format": "google-fieldmask",
 "location": "query",
 "type": "string"
@@ -1423,7 +1423,7 @@
 "type": "string"
 },
 "updateMask": {
-"description": "Optional. Used to specify the fields to be overwritten in the `LbTrafficExtension` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field is overwritten if it is in the mask. If the user does not specify a mask, then all fields are overwritten.",
+"description": "Optional. Used to specify the fields to be overwritten in the `LbTrafficExtension` resource by the update. The fields specified in the `update_mask` are relative to the resource, not the full request. A field is overwritten if it is in the mask. If the user does not specify a mask, then all fields are overwritten.",
 "format": "google-fieldmask",
 "location": "query",
 "type": "string"
@@ -1930,37 +1930,6 @@
 "https://www.googleapis.com/auth/cloud-platform"
 ]
 },
-"getIamPolicy": {
-"description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serviceLbPolicies/{serviceLbPoliciesId}:getIamPolicy",
-"httpMethod": "GET",
-"id": "networkservices.projects.locations.serviceLbPolicies.getIamPolicy",
-"parameterOrder": [
-"resource"
-],
-"parameters": {
-"options.requestedPolicyVersion": {
-"description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).",
-"format": "int32",
-"location": "query",
-"type": "integer"
-},
-"resource": {
-"description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.",
-"location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/serviceLbPolicies/[^/]+$",
-"required": true,
-"type": "string"
-}
-},
-"path": "v1/{+resource}:getIamPolicy",
-"response": {
-"$ref": "Policy"
-},
-"scopes": [
-"https://www.googleapis.com/auth/cloud-platform"
-]
-},
 "list": {
 "description": "Lists ServiceLbPolicies in a given project and location.",
 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serviceLbPolicies",
@@ -2030,62 +1999,6 @@
 "scopes": [
 "https://www.googleapis.com/auth/cloud-platform"
 ]
-},
-"setIamPolicy": {
-"description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serviceLbPolicies/{serviceLbPoliciesId}:setIamPolicy",
-"httpMethod": "POST",
-"id": "networkservices.projects.locations.serviceLbPolicies.setIamPolicy",
-"parameterOrder": [
-"resource"
-],
-"parameters": {
-"resource": {
-"description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.",
-"location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/serviceLbPolicies/[^/]+$",
-"required": true,
-"type": "string"
-}
-},
-"path": "v1/{+resource}:setIamPolicy",
-"request": {
-"$ref": "SetIamPolicyRequest"
-},
-"response": {
-"$ref": "Policy"
-},
-"scopes": [
-"https://www.googleapis.com/auth/cloud-platform"
-]
-},
-"testIamPermissions": {
-"description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.",
-"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/serviceLbPolicies/{serviceLbPoliciesId}:testIamPermissions",
-"httpMethod": "POST",
-"id": "networkservices.projects.locations.serviceLbPolicies.testIamPermissions",
-"parameterOrder": [
-"resource"
-],
-"parameters": {
-"resource": {
-"description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.",
-"location": "path",
-"pattern": "^projects/[^/]+/locations/[^/]+/serviceLbPolicies/[^/]+$",
-"required": true,
-"type": "string"
-}
-},
-"path": "v1/{+resource}:testIamPermissions",
-"request": {
-"$ref": "TestIamPermissionsRequest"
-},
-"response": {
-"$ref": "TestIamPermissionsResponse"
-},
-"scopes": [
-"https://www.googleapis.com/auth/cloud-platform"
-]
 }
 }
 },
@@ -2408,7 +2321,7 @@
 }
 }
 },
-"revision": "20240913",
+"revision": "20240919",
 "rootUrl": "https://networkservices.googleapis.com/",
 "schemas": {
 "AuditConfig": {
@@ -3759,7 +3672,7 @@
 "type": "object"
 },
 "loadBalancingScheme": {
-"description": "Required. All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. Supported values: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service).",
+"description": "Required. All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. Supported values: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. For more information, refer to [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service).",
 "enum": [
 "LOAD_BALANCING_SCHEME_UNSPECIFIED",
 "INTERNAL_MANAGED",
@@ -3777,7 +3690,7 @@
 "description": "Properties of the object.",
 "type": "any"
 },
-"description": "Optional. The metadata provided here is included as part of the `metadata_context` (of type `google.protobuf.Struct`) in the `ProcessingRequest` message sent to the extension server. The metadata is available under the namespace `com.google.lb_route_extension.`. The following variables are supported in the metadata Struct: `{forwarding_rule_id}` - substituted with the forwarding rule's fully qualified resource name. Only one of the resource level metadata and extension level metadata can be set.",
+"description": "Optional. The metadata provided here is included as part of the `metadata_context` (of type `google.protobuf.Struct`) in the `ProcessingRequest` message sent to the extension server. The metadata is available under the namespace `com.google.lb_route_extension.`. The following variables are supported in the metadata Struct: `{forwarding_rule_id}` - substituted with the forwarding rule's fully qualified resource name.",
 "type": "object"
 },
 "name": {
@@ -3829,7 +3742,7 @@
 "type": "object"
 },
 "loadBalancingScheme": {
-"description": "Required. All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. Supported values: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service).",
+"description": "Required. All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. Supported values: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. For more information, refer to [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service).",
 "enum": [
 "LOAD_BALANCING_SCHEME_UNSPECIFIED",
 "INTERNAL_MANAGED",
@@ -3847,7 +3760,7 @@
 "description": "Properties of the object.",
 "type": "any"
 },
-"description": "Optional. The metadata provided here is included in the `ProcessingRequest.metadata_context.filter_metadata` map field. The metadata is available under the key `com.google.lb_traffic_extension.`. The following variables are supported in the metadata: `{forwarding_rule_id}` - substituted with the forwarding rule's fully qualified resource name. Only one of the resource level metadata and extension level metadata can be set.",
+"description": "Optional. The metadata provided here is included in the `ProcessingRequest.metadata_context.filter_metadata` map field. The metadata is available under the key `com.google.lb_traffic_extension.`. The following variables are supported in the metadata: `{forwarding_rule_id}` - substituted with the forwarding rule's fully qualified resource name.",
 "type": "object"
 },
 "name": {