google-api-python-client 2.181.0__py3-none-any.whl → 2.183.0__py3-none-any.whl

googleapiclient/discovery_cache/documents/sqladmin.v1.json

@@ -1565,6 +1565,21 @@
 "required": true,
 "type": "string"
 },
+"mode": {
+"description": "Optional. Reset SSL mode to use.",
+"enum": [
+"RESET_SSL_MODE_UNSPECIFIED",
+"ALL",
+"SYNC_FROM_PRIMARY"
+],
+"enumDescriptions": [
+"Reset SSL mode is not specified.",
+"Refresh all TLS configs. This is the default behaviour.",
+"Refreshes the replication-related TLS configuration settings provided by the primary instance. Not applicable to on-premises replication instances."
+],
+"location": "query",
+"type": "string"
+},
 "project": {
 "description": "Project ID of the project that contains the instance.",
 "location": "path",
@@ -2635,7 +2650,7 @@
 }
 }
 },
-"revision": "20250823",
+"revision": "20250908",
 "rootUrl": "https://sqladmin.googleapis.com/",
 "schemas": {
 "AclEntry": {
@@ -2751,7 +2766,7 @@
 "type": "object"
 },
 "Backup": {
-"description": "A backup resource. Next ID: 30",
+"description": "A backup resource.",
 "id": "Backup",
 "properties": {
 "backupInterval": {
@@ -6047,6 +6062,21 @@ false
 },
 "type": "object"
 },
+"Message": {
+"description": "Represents a notice or warning message from the database.",
+"id": "Message",
+"properties": {
+"message": {
+"description": "The full message string. For PostgreSQL, this is a formatted string that may include severity, code, and the notice/warning message. For MySQL, this contains the warning message.",
+"type": "string"
+},
+"severity": {
+"description": "The severity of the message (e.g., \"NOTICE\" for PostgreSQL, \"WARNING\" for MySQL).",
+"type": "string"
+}
+},
+"type": "object"
+},
 "Metadata": {
 "description": "The additional metadata information regarding the execution of the SQL statements.",
 "id": "Metadata",
@@ -6826,6 +6856,38 @@ false
 },
 "type": "object"
 },
+"ReadPoolAutoScaleConfig": {
+"description": "The read pool auto-scale configuration.",
+"id": "ReadPoolAutoScaleConfig",
+"properties": {
+"disableScaleIn": {
+"description": "Indicates whether read pool auto scaling supports scale in operations (removing nodes).",
+"type": "boolean"
+},
+"enabled": {
+"description": "Indicates whether read pool auto scaling is enabled.",
+"type": "boolean"
+},
+"maxNodeCount": {
+"description": "Maximum number of read pool nodes to be maintained.",
+"format": "int32",
+"type": "integer"
+},
+"minNodeCount": {
+"description": "Minimum number of read pool nodes to be maintained.",
+"format": "int32",
+"type": "integer"
+},
+"targetMetrics": {
+"description": "Optional. Target metrics for read pool auto scaling.",
+"items": {
+"$ref": "TargetMetric"
+},
+"type": "array"
+}
+},
+"type": "object"
+},
 "ReplicaConfiguration": {
 "description": "Read-replica configuration for connecting to the primary instance.",
 "id": "ReplicaConfiguration",
@@ -7193,6 +7255,10 @@ false
 ],
 "type": "string"
 },
+"readPoolAutoScaleConfig": {
+"$ref": "ReadPoolAutoScaleConfig",
+"description": "Optional. The read pool auto-scale configuration for the instance."
+},
 "replicationLagMaxSeconds": {
 "description": "Optional. Configuration value for recreation of replica after certain replication lag",
 "format": "int32",
@@ -7369,7 +7435,8 @@ false
 "PSC_ONLY_INSTANCE_WITH_NO_NETWORK_ATTACHMENT_URI",
 "SELECTED_OBJECTS_REFERENCE_UNSELECTED_OBJECTS",
 "PROMPT_DELETE_EXISTING",
-"WILL_DELETE_EXISTING"
+"WILL_DELETE_EXISTING",
+"PG_DDL_REPLICATION_INSUFFICIENT_PRIVILEGE"
 ],
 "enumDescriptions": [
 "",
@@ -7429,7 +7496,8 @@ false
 "PSC only destination instance does not have a network attachment URI.",
 "Selected objects reference unselected objects. Based on their object type (foreign key constraint or view), selected objects will fail during migration.",
 "The migration will delete existing data in the replica; set replica_overwrite_enabled in the request to acknowledge this. This is an error. MySQL only.",
-"The migration will delete existing data in the replica; replica_overwrite_enabled was set in the request acknowledging this. This is a warning rather than an error. MySQL only."
+"The migration will delete existing data in the replica; replica_overwrite_enabled was set in the request acknowledging this. This is a warning rather than an error. MySQL only.",
+"The replication user is missing specific privileges to setup DDL replication. (e.g. CREATE EVENT TRIGGER, CREATE SCHEMA) for PostgreSQL."
 ],
 "type": "string"
 }
@@ -7451,6 +7519,13 @@ false
 "description": "Execute SQL statements response.",
 "id": "SqlInstancesExecuteSqlResponse",
 "properties": {
+"messages": {
+"description": "A list of notices and warnings generated during query execution. For PostgreSQL, this includes all notices and warnings. For MySQL, this includes warnings generated by the last executed statement. To retrieve all warnings for a multi-statement query, `SHOW WARNINGS` must be executed after each statement.",
+"items": {
+"$ref": "Message"
+},
+"type": "array"
+},
 "metadata": {
 "$ref": "Metadata",
 "description": "The additional metadata information regarding the execution of the SQL statements."
@@ -7969,6 +8044,22 @@ false
 },
 "type": "object"
 },
+"TargetMetric": {
+"description": "Target metric for read pool auto scaling.",
+"id": "TargetMetric",
+"properties": {
+"metric": {
+"description": "The metric name to be used for auto scaling.",
+"type": "string"
+},
+"targetValue": {
+"description": "The target value for the metric.",
+"format": "float",
+"type": "number"
+}
+},
+"type": "object"
+},
 "Tier": {
 "description": "A Google Cloud SQL service tier resource.",
 "id": "Tier",
@@ -8062,6 +8153,20 @@ false
 "description": "Optional. The host from which the user can connect. For `insert` operations, host defaults to an empty string. For `update` operations, host is specified as part of the request URL. The host name cannot be updated after insertion. For a MySQL instance, it's required; for a PostgreSQL or SQL Server instance, it's optional.",
 "type": "string"
 },
+"iamStatus": {
+"description": "Indicates if a group is active or inactive for IAM database authentication.",
+"enum": [
+"IAM_STATUS_UNSPECIFIED",
+"INACTIVE",
+"ACTIVE"
+],
+"enumDescriptions": [
+"The default value for users that are not of type CLOUD_IAM_GROUP. Only CLOUD_IAM_GROUP users will be inactive or active. Users with an IamStatus of IAM_STATUS_UNSPECIFIED will not display whether they are active or inactive as that is not applicable to them.",
+"INACTIVE indicates a group is not available for IAM database authentication.",
+"ACTIVE indicates a group is available for IAM database authentication."
+],
+"type": "string"
+},
 "instance": {
 "description": "The name of the Cloud SQL instance. This does not include the project ID. Can be omitted for `update` because it is already specified on the URL.",
 "type": "string"

googleapiclient/discovery_cache/documents/sqladmin.v1beta4.json

@@ -1565,6 +1565,21 @@
 "required": true,
 "type": "string"
 },
+"mode": {
+"description": "Optional. Reset SSL mode to use.",
+"enum": [
+"RESET_SSL_MODE_UNSPECIFIED",
+"ALL",
+"SYNC_FROM_PRIMARY"
+],
+"enumDescriptions": [
+"Reset SSL mode is not specified.",
+"Refresh all TLS configs. This is the default behaviour.",
+"Refreshes the replication-related TLS configuration settings provided by the primary instance. Not applicable to on-premises replication instances."
+],
+"location": "query",
+"type": "string"
+},
 "project": {
 "description": "Project ID of the project that contains the instance.",
 "location": "path",
@@ -2635,7 +2650,7 @@
 }
 }
 },
-"revision": "20250823",
+"revision": "20250908",
 "rootUrl": "https://sqladmin.googleapis.com/",
 "schemas": {
 "AclEntry": {
@@ -2751,7 +2766,7 @@
 "type": "object"
 },
 "Backup": {
-"description": "A backup resource. Next ID: 30",
+"description": "A backup resource.",
 "id": "Backup",
 "properties": {
 "backupInterval": {
@@ -6048,6 +6063,21 @@ false
 },
 "type": "object"
 },
+"Message": {
+"description": "Represents a notice or warning message from the database.",
+"id": "Message",
+"properties": {
+"message": {
+"description": "The full message string. For PostgreSQL, this is a formatted string that may include severity, code, and the notice/warning message. For MySQL, this contains the warning message.",
+"type": "string"
+},
+"severity": {
+"description": "The severity of the message (e.g., \"NOTICE\" for PostgreSQL, \"WARNING\" for MySQL).",
+"type": "string"
+}
+},
+"type": "object"
+},
 "Metadata": {
 "description": "The additional metadata information regarding the execution of the SQL statements.",
 "id": "Metadata",
@@ -6827,6 +6857,38 @@ false
 },
 "type": "object"
 },
+"ReadPoolAutoScaleConfig": {
+"description": "The read pool auto-scale configuration.",
+"id": "ReadPoolAutoScaleConfig",
+"properties": {
+"disableScaleIn": {
+"description": "Indicates whether read pool auto scaling supports scale in operations (removing nodes).",
+"type": "boolean"
+},
+"enabled": {
+"description": "Indicates whether read pool auto scaling is enabled.",
+"type": "boolean"
+},
+"maxNodeCount": {
+"description": "Maximum number of read pool nodes to be maintained.",
+"format": "int32",
+"type": "integer"
+},
+"minNodeCount": {
+"description": "Minimum number of read pool nodes to be maintained.",
+"format": "int32",
+"type": "integer"
+},
+"targetMetrics": {
+"description": "Optional. Target metrics for read pool auto scaling.",
+"items": {
+"$ref": "TargetMetric"
+},
+"type": "array"
+}
+},
+"type": "object"
+},
 "ReplicaConfiguration": {
 "description": "Read-replica configuration for connecting to the primary instance.",
 "id": "ReplicaConfiguration",
@@ -7194,6 +7256,10 @@ false
 ],
 "type": "string"
 },
+"readPoolAutoScaleConfig": {
+"$ref": "ReadPoolAutoScaleConfig",
+"description": "Optional. The read pool auto-scale configuration for the instance."
+},
 "replicationLagMaxSeconds": {
 "description": "Optional. Configuration value for recreation of replica after certain replication lag.",
 "format": "int32",
@@ -7370,7 +7436,8 @@ false
 "PSC_ONLY_INSTANCE_WITH_NO_NETWORK_ATTACHMENT_URI",
 "SELECTED_OBJECTS_REFERENCE_UNSELECTED_OBJECTS",
 "PROMPT_DELETE_EXISTING",
-"WILL_DELETE_EXISTING"
+"WILL_DELETE_EXISTING",
+"PG_DDL_REPLICATION_INSUFFICIENT_PRIVILEGE"
 ],
 "enumDescriptions": [
 "",
@@ -7430,7 +7497,8 @@ false
 "PSC only destination instance does not have a network attachment URI.",
 "Selected objects reference unselected objects. Based on their object type (foreign key constraint or view), selected objects will fail during migration.",
 "The migration will delete existing data in the replica; set replica_overwrite_enabled in the request to acknowledge this. This is an error. MySQL only.",
-"The migration will delete existing data in the replica; replica_overwrite_enabled was set in the request acknowledging this. This is a warning rather than an error. MySQL only."
+"The migration will delete existing data in the replica; replica_overwrite_enabled was set in the request acknowledging this. This is a warning rather than an error. MySQL only.",
+"The replication user is missing specific privileges to setup DDL replication. (e.g. CREATE EVENT TRIGGER, CREATE SCHEMA) for PostgreSQL."
 ],
 "type": "string"
 }
@@ -7452,6 +7520,13 @@ false
 "description": "Execute SQL statements response.",
 "id": "SqlInstancesExecuteSqlResponse",
 "properties": {
+"messages": {
+"description": "A list of notices and warnings generated during query execution. For PostgreSQL, this includes all notices and warnings. For MySQL, this includes warnings generated by the last executed statement. To retrieve all warnings for a multi-statement query, `SHOW WARNINGS` must be executed after each statement.",
+"items": {
+"$ref": "Message"
+},
+"type": "array"
+},
 "metadata": {
 "$ref": "Metadata",
 "description": "The additional metadata information regarding the execution of the SQL statements."
@@ -7968,6 +8043,22 @@ false
 },
 "type": "object"
 },
+"TargetMetric": {
+"description": "Target metric for read pool auto scaling.",
+"id": "TargetMetric",
+"properties": {
+"metric": {
+"description": "The metric name to be used for auto scaling.",
+"type": "string"
+},
+"targetValue": {
+"description": "The target value for the metric.",
+"format": "float",
+"type": "number"
+}
+},
+"type": "object"
+},
 "Tier": {
 "description": "A Google Cloud SQL service tier resource.",
 "id": "Tier",
@@ -8061,6 +8152,20 @@ false
 "description": "Optional. The host from which the user can connect. For `insert` operations, host defaults to an empty string. For `update` operations, host is specified as part of the request URL. The host name cannot be updated after insertion. For a MySQL instance, it's required; for a PostgreSQL or SQL Server instance, it's optional.",
 "type": "string"
 },
+"iamStatus": {
+"description": "Indicates if a group is active or inactive for IAM database authentication.",
+"enum": [
+"IAM_STATUS_UNSPECIFIED",
+"INACTIVE",
+"ACTIVE"
+],
+"enumDescriptions": [
+"The default value for users that are not of type CLOUD_IAM_GROUP. Only CLOUD_IAM_GROUP users will be inactive or active. Users with an IamStatus of IAM_STATUS_UNSPECIFIED will not display whether they are active or inactive as that is not applicable to them.",
+"INACTIVE indicates a group is not available for IAM database authentication.",
+"ACTIVE indicates a group is available for IAM database authentication."
+],
+"type": "string"
+},
 "instance": {
 "description": "The name of the Cloud SQL instance. This does not include the project ID. Can be omitted for *update* because it is already specified on the URL.",
 "type": "string"

googleapiclient/discovery_cache/documents/storagebatchoperations.v1.json

@@ -144,7 +144,7 @@
 ],
 "parameters": {
 "extraLocationTypes": {
-"description": "Optional. Do not use this field. It is unsupported and is ignored unless explicitly documented otherwise. This is primarily for internal usage.",
+"description": "Optional. Unless explicitly documented otherwise, don't use this unsupported field which is primarily intended for internal usage.",
 "location": "query",
 "repeated": true,
 "type": "string"
@@ -482,7 +482,7 @@
 }
 }
 },
-"revision": "20250813",
+"revision": "20250910",
 "rootUrl": "https://storagebatchoperations.googleapis.com/",
 "schemas": {
 "Bucket": {

googleapiclient/discovery_cache/documents/sts.v1.json

@@ -338,7 +338,7 @@
 }
 }
 },
-"revision": "20250813",
+"revision": "20250827",
 "rootUrl": "https://sts.googleapis.com/",
 "schemas": {
 "GoogleIamV1Binding": {
@@ -424,11 +424,11 @@
 "type": "string"
 },
 "subjectToken": {
-"description": "Required. The input token. This token is either an external credential issued by a workload identity pool provider, or a short-lived access token issued by Google. If the token is an OIDC JWT, it must use the JWT format defined in [RFC 7523](https://tools.ietf.org/html/rfc7523), and the `subject_token_type` must be either `urn:ietf:params:oauth:token-type:jwt` or `urn:ietf:params:oauth:token-type:id_token`. The following headers are required: - `kid`: The identifier of the signing key securing the JWT. - `alg`: The cryptographic algorithm securing the JWT. Must be `RS256` or `ES256`. The following payload fields are required. For more information, see [RFC 7523, Section 3](https://tools.ietf.org/html/rfc7523#section-3): - `iss`: The issuer of the token. The issuer must provide a discovery document at the URL `/.well-known/openid-configuration`, where `` is the value of this field. The document must be formatted according to section 4.2 of the [OIDC 1.0 Discovery specification](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse). - `iat`: The issue time, in seconds, since the Unix epoch. Must be in the past. - `exp`: The expiration time, in seconds, since the Unix epoch. Must be less than 48 hours after `iat`. Shorter expiration times are more secure. If possible, we recommend setting an expiration time less than 6 hours. - `sub`: The identity asserted in the JWT. - `aud`: For workload identity pools, this must be a value specified in the allowed audiences for the workload identity pool provider, or one of the audiences allowed by default if no audiences were specified. See https://cloud.google.com/iam/docs/reference/rest/v1/projects.locations.workloadIdentityPools.providers#oidc. For workforce pools, this must match the client ID specified in the provider configuration. See https://cloud.google.com/iam/docs/reference/rest/v1/locations.workforcePools.providers#oidc. Example header: ``` { \"alg\": \"RS256\", \"kid\": \"us-east-11\" } ``` Example payload: ``` { \"iss\": \"https://accounts.google.com\", \"iat\": 1517963104, \"exp\": 1517966704, \"aud\": \"//iam.googleapis.com/projects/1234567890123/locations/global/workloadIdentityPools/my-pool/providers/my-provider\", \"sub\": \"113475438248934895348\", \"my_claims\": { \"additional_claim\": \"value\" } } ``` If `subject_token` is for AWS, it must be a serialized `GetCallerIdentity` token. This token contains the same information as a request to the AWS [`GetCallerIdentity()`](https://docs.aws.amazon.com/STS/latest/APIReference/API_GetCallerIdentity) method, as well as the AWS [signature](https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) for the request information. Use Signature Version 4. Format the request as URL-encoded JSON, and set the `subject_token_type` parameter to `urn:ietf:params:aws:token-type:aws4_request`. The following parameters are required: - `url`: The URL of the AWS STS endpoint for `GetCallerIdentity()`, such as `https://sts.amazonaws.com?Action=GetCallerIdentity&Version=2011-06-15`. Regional endpoints are also supported. - `method`: The HTTP request method: `POST`. - `headers`: The HTTP request headers, which must include: - `Authorization`: The request signature. - `x-amz-date`: The time you will send the request, formatted as an [ISO8601 Basic](https://docs.aws.amazon.com/general/latest/gr/sigv4_elements.html#sigv4_elements_date) string. This value is typically set to the current time and is used to help prevent replay attacks. - `host`: The hostname of the `url` field; for example, `sts.amazonaws.com`. - `x-goog-cloud-target-resource`: The full, canonical resource name of the workload identity pool provider, with or without an `https:` prefix. To help ensure data integrity, we recommend including this header in the `SignedHeaders` field of the signed request. For example: //iam.googleapis.com/projects//locations/global/workloadIdentityPools//providers/ https://iam.googleapis.com/projects//locations/global/workloadIdentityPools//providers/ If you are using temporary security credentials provided by AWS, you must also include the header `x-amz-security-token`, with the value set to the session token. The following example shows a `GetCallerIdentity` token: ``` { \"headers\": [ {\"key\": \"x-amz-date\", \"value\": \"20200815T015049Z\"}, {\"key\": \"Authorization\", \"value\": \"AWS4-HMAC-SHA256+Credential=$credential,+SignedHeaders=host;x-amz-date;x-goog-cloud-target-resource,+Signature=$signature\"}, {\"key\": \"x-goog-cloud-target-resource\", \"value\": \"//iam.googleapis.com/projects//locations/global/workloadIdentityPools//providers/\"}, {\"key\": \"host\", \"value\": \"sts.amazonaws.com\"} . ], \"method\": \"POST\", \"url\": \"https://sts.amazonaws.com?Action=GetCallerIdentity&Version=2011-06-15\" } ``` If the token is a SAML 2.0 assertion, it must use the format defined in [the SAML 2.0 spec](https://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0-cd-02.pdf), and the `subject_token_type` must be `urn:ietf:params:oauth:token-type:saml2`. See [Verification of external credentials](https://cloud.google.com/iam/docs/using-workload-identity-federation#verification_of_external_credentials) for details on how SAML 2.0 assertions are validated during token exchanges. You can also use a Google-issued OAuth 2.0 access token with this field to obtain an access token with new security attributes applied, such as a Credential Access Boundary. In this case, set `subject_token_type` to `urn:ietf:params:oauth:token-type:access_token`. If an access token already contains security attributes, you cannot apply additional security attributes.",
+"description": "Required. The input token. This token is either an external credential issued by a workload identity pool provider, or a short-lived access token issued by Google. If the token is an OIDC JWT, it must use the JWT format defined in [RFC 7523](https://tools.ietf.org/html/rfc7523), and the `subject_token_type` must be either `urn:ietf:params:oauth:token-type:jwt` or `urn:ietf:params:oauth:token-type:id_token`. The following headers are required: - `kid`: The identifier of the signing key securing the JWT. - `alg`: The cryptographic algorithm securing the JWT. Must be `RS256` or `ES256`. The following payload fields are required. For more information, see [RFC 7523, Section 3](https://tools.ietf.org/html/rfc7523#section-3): - `iss`: The issuer of the token. The issuer must provide a discovery document at the URL `/.well-known/openid-configuration`, where `` is the value of this field. The document must be formatted according to section 4.2 of the [OIDC 1.0 Discovery specification](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse). - `iat`: The issue time, in seconds, since the Unix epoch. Must be in the past. - `exp`: The expiration time, in seconds, since the Unix epoch. Must be less than 48 hours after `iat`. Shorter expiration times are more secure. If possible, we recommend setting an expiration time less than 6 hours. - `sub`: The identity asserted in the JWT. - `aud`: For workload identity pools, this must be a value specified in the allowed audiences for the workload identity pool provider, or one of the audiences allowed by default if no audiences were specified. See https://cloud.google.com/iam/docs/reference/rest/v1/projects.locations.workloadIdentityPools.providers#oidc. For workforce pools, this must match the client ID specified in the provider configuration. See https://cloud.google.com/iam/docs/reference/rest/v1/locations.workforcePools.providers#oidc. Example header: ``` { \"alg\": \"RS256\", \"kid\": \"us-east-11\" } ``` Example payload: ``` { \"iss\": \"https://accounts.google.com\", \"iat\": 1517963104, \"exp\": 1517966704, \"aud\": \"//iam.googleapis.com/projects/1234567890123/locations/global/workloadIdentityPools/my-pool/providers/my-provider\", \"sub\": \"113475438248934895348\", \"my_claims\": { \"additional_claim\": \"value\" } } ``` If `subject_token` is for AWS, it must be a serialized `GetCallerIdentity` token. This token contains the same information as a request to the AWS [`GetCallerIdentity()`](https://docs.aws.amazon.com/STS/latest/APIReference/API_GetCallerIdentity) method, as well as the AWS [signature](https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) for the request information. Use Signature Version 4. Format the request as URL-encoded JSON, and set the `subject_token_type` parameter to `urn:ietf:params:aws:token-type:aws4_request`. The following parameters are required: - `url`: The URL of the AWS STS endpoint for `GetCallerIdentity()`, such as `https://sts.amazonaws.com?Action=GetCallerIdentity&Version=2011-06-15`. Regional endpoints are also supported. - `method`: The HTTP request method: `POST`. - `headers`: The HTTP request headers, which must include: - `Authorization`: The request signature. - `x-amz-date`: The time you will send the request, formatted as an [ISO8601 Basic](https://docs.aws.amazon.com/general/latest/gr/sigv4_elements.html#sigv4_elements_date) string. This value is typically set to the current time and is used to help prevent replay attacks. - `host`: The hostname of the `url` field; for example, `sts.amazonaws.com`. - `x-goog-cloud-target-resource`: The full, canonical resource name of the workload identity pool provider, with or without an `https:` prefix. To help ensure data integrity, we recommend including this header in the `SignedHeaders` field of the signed request. For example: //iam.googleapis.com/projects//locations/global/workloadIdentityPools//providers/ https://iam.googleapis.com/projects//locations/global/workloadIdentityPools//providers/ If you are using temporary security credentials provided by AWS, you must also include the header `x-amz-security-token`, with the value set to the session token. The following example shows a `GetCallerIdentity` token: ``` { \"headers\": [ {\"key\": \"x-amz-date\", \"value\": \"20200815T015049Z\"}, {\"key\": \"Authorization\", \"value\": \"AWS4-HMAC-SHA256+Credential=$credential,+SignedHeaders=host;x-amz-date;x-goog-cloud-target-resource,+Signature=$signature\"}, {\"key\": \"x-goog-cloud-target-resource\", \"value\": \"//iam.googleapis.com/projects//locations/global/workloadIdentityPools//providers/\"}, {\"key\": \"host\", \"value\": \"sts.amazonaws.com\"} . ], \"method\": \"POST\", \"url\": \"https://sts.amazonaws.com?Action=GetCallerIdentity&Version=2011-06-15\" } ``` If the token is a SAML 2.0 assertion, it must use the format defined in [the SAML 2.0 spec](https://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0-cd-02.pdf), and the `subject_token_type` must be `urn:ietf:params:oauth:token-type:saml2`. See [Verification of external credentials](https://cloud.google.com/iam/docs/using-workload-identity-federation#verification_of_external_credentials) for details on how SAML 2.0 assertions are validated during token exchanges. You can also use a Google-issued OAuth 2.0 access token with this field to obtain an access token with new security attributes applied, such as a Credential Access Boundary. In this case, set `subject_token_type` to `urn:ietf:params:oauth:token-type:access_token`. If an access token already contains security attributes, you cannot apply additional security attributes. If the request is for X.509 certificate-based authentication, the `subject_token` must be a JSON-formatted list of X.509 certificates in DER format, as defined in [RFC 7515](https://www.rfc-editor.org/rfc/rfc7515#section-4.1.6). `subject_token_type` must be `urn:ietf:params:oauth:token-type:mtls`. The following example shows a JSON-formatted list of X.509 certificate in DER format: ``` [\\\"MIIEYDCCA0i...\\\", \\\"MCIFFGAGTT0...\\\"] ```",
 "type": "string"
 },
 "subjectTokenType": {
-"description": "Required. An identifier that indicates the type of the security token in the `subject_token` parameter. Supported values are `urn:ietf:params:oauth:token-type:jwt`, `urn:ietf:params:oauth:token-type:id_token`, `urn:ietf:params:aws:token-type:aws4_request`, `urn:ietf:params:oauth:token-type:access_token`, and `urn:ietf:params:oauth:token-type:saml2`.",
+"description": "Required. An identifier that indicates the type of the security token in the `subject_token` parameter. Supported values are `urn:ietf:params:oauth:token-type:jwt`, `urn:ietf:params:oauth:token-type:id_token`, `urn:ietf:params:aws:token-type:aws4_request`, `urn:ietf:params:oauth:token-type:access_token`, `urn:ietf:params:oauth:token-type:mtls`, and `urn:ietf:params:oauth:token-type:saml2`.",
 "type": "string"
 }
 },

googleapiclient/discovery_cache/documents/texttospeech.v1.json

@@ -318,7 +318,7 @@
 }
 }
 },
-"revision": "20250805",
+"revision": "20250912",
 "rootUrl": "https://texttospeech.googleapis.com/",
 "schemas": {
 "AdvancedVoiceOptions": {
@@ -622,6 +622,10 @@
 "$ref": "MultiSpeakerMarkup",
 "description": "The multi-speaker input to be synthesized. Only applicable for multi-speaker synthesis."
 },
+"prompt": {
+"description": "This system instruction is supported only for controllable/promptable voice models. If this system instruction is used, we pass the unedited text to Gemini-TTS. Otherwise, a default system instruction is used. AI Studio calls this system instruction, Style Instructions.",
+"type": "string"
+},
 "ssml": {
 "description": "The SSML document to be synthesized. The SSML document must be valid and well-formed. Otherwise the RPC will fail and return google.rpc.Code.INVALID_ARGUMENT. For more information, see [SSML](https://cloud.google.com/text-to-speech/docs/ssml).",
 "type": "string"

googleapiclient/discovery_cache/documents/texttospeech.v1beta1.json

@@ -261,7 +261,7 @@
 }
 }
 },
-"revision": "20250805",
+"revision": "20250912",
 "rootUrl": "https://texttospeech.googleapis.com/",
 "schemas": {
 "AdvancedVoiceOptions": {
@@ -555,6 +555,10 @@
 "$ref": "MultiSpeakerMarkup",
 "description": "The multi-speaker input to be synthesized. Only applicable for multi-speaker synthesis."
 },
+"prompt": {
+"description": "This system instruction is supported only for controllable/promptable voice models. If this system instruction is used, we pass the unedited text to Gemini-TTS. Otherwise, a default system instruction is used. AI Studio calls this system instruction, Style Instructions.",
+"type": "string"
+},
 "ssml": {
 "description": "The SSML document to be synthesized. The SSML document must be valid and well-formed. Otherwise the RPC will fail and return google.rpc.Code.INVALID_ARGUMENT. For more information, see [SSML](https://cloud.google.com/text-to-speech/docs/ssml).",
 "type": "string"

googleapiclient/discovery_cache/documents/tpu.v1.json

@@ -144,7 +144,7 @@
 ],
 "parameters": {
 "extraLocationTypes": {
-"description": "Optional. Do not use this field. It is unsupported and is ignored unless explicitly documented otherwise. This is primarily for internal usage.",
+"description": "Optional. Unless explicitly documented otherwise, don't use this unsupported field which is primarily intended for internal usage.",
 "location": "query",
 "repeated": true,
 "type": "string"
@@ -665,7 +665,7 @@
 }
 }
 },
-"revision": "20250815",
+"revision": "20250903",
 "rootUrl": "https://tpu.googleapis.com/",
 "schemas": {
 "AcceleratorType": {

googleapiclient/discovery_cache/documents/tpu.v1alpha1.json

@@ -144,7 +144,7 @@
 ],
 "parameters": {
 "extraLocationTypes": {
-"description": "Optional. Do not use this field. It is unsupported and is ignored unless explicitly documented otherwise. This is primarily for internal usage.",
+"description": "Optional. Unless explicitly documented otherwise, don't use this unsupported field which is primarily intended for internal usage.",
 "location": "query",
 "repeated": true,
 "type": "string"
@@ -675,7 +675,7 @@
 }
 }
 },
-"revision": "20250815",
+"revision": "20250903",
 "rootUrl": "https://tpu.googleapis.com/",
 "schemas": {
 "AcceleratorType": {

googleapiclient/discovery_cache/documents/tpu.v2.json

@@ -172,7 +172,7 @@
 ],
 "parameters": {
 "extraLocationTypes": {
-"description": "Optional. Do not use this field. It is unsupported and is ignored unless explicitly documented otherwise. This is primarily for internal usage.",
+"description": "Optional. Unless explicitly documented otherwise, don't use this unsupported field which is primarily intended for internal usage.",
 "location": "query",
 "repeated": true,
 "type": "string"
@@ -893,7 +893,7 @@
 }
 }
 },
-"revision": "20250815",
+"revision": "20250903",
 "rootUrl": "https://tpu.googleapis.com/",
 "schemas": {
 "AcceleratorConfig": {
@@ -1000,12 +1000,34 @@
 },
 "type": "object"
 },
+"BootDiskConfig": {
+"description": "Sets the boot disk configuration for the TPU node.",
+"id": "BootDiskConfig",
+"properties": {
+"customerEncryptionKey": {
+"$ref": "CustomerEncryptionKey",
+"description": "Optional. Customer encryption key for boot disk."
+}
+},
+"type": "object"
+},
 "CreatingData": {
 "description": "Further data for the creating state.",
 "id": "CreatingData",
 "properties": {},
 "type": "object"
 },
+"CustomerEncryptionKey": {
+"description": "Defines the customer encryption key for disk encryption.",
+"id": "CustomerEncryptionKey",
+"properties": {
+"kmsKeyName": {
+"description": "The name of the encryption key that is stored in Google Cloud KMS. For example: \"kmsKeyName\": \"projects/KMS_PROJECT_ID/locations/REGION/keyRings/KEY_REGION/cryptoKeys/KEY The fully-qualifed key name may be returned for resource GET requests. For example: \"kmsKeyName\": \"projects/KMS_PROJECT_ID/locations/REGION/keyRings/KEY_REGION/cryptoKeys/KEY/cryptoKeyVersions/1 ",
+"type": "string"
+}
+},
+"type": "object"
+},
 "DeletingData": {
 "description": "Further data for the deleting state.",
 "id": "DeletingData",
@@ -1421,6 +1443,10 @@
 "readOnly": true,
 "type": "string"
 },
+"bootDiskConfig": {
+"$ref": "BootDiskConfig",
+"description": "Optional. Boot disk configuration."
+},
 "cidrBlock": {
 "description": "The CIDR block that the TPU node will use when selecting an IP address. This CIDR block must be a /29 block; the Compute Engine networks API forbids a smaller block, and using a larger block would be wasteful (a node can only consume one IP address). Errors will occur if the CIDR block has already been used for a currently existing TPU node, the CIDR block conflicts with any subnetworks in the user's provided network, or the provided network is peered with another network that is using that CIDR block.",
 "type": "string"

googleapiclient/discovery_cache/documents/tpu.v2alpha1.json

@@ -172,7 +172,7 @@
 ],
 "parameters": {
 "extraLocationTypes": {
-"description": "Optional. Do not use this field. It is unsupported and is ignored unless explicitly documented otherwise. This is primarily for internal usage.",
+"description": "Optional. Unless explicitly documented otherwise, don't use this unsupported field which is primarily intended for internal usage.",
 "location": "query",
 "repeated": true,
 "type": "string"
@@ -1027,7 +1027,7 @@
 }
 }
 },
-"revision": "20250815",
+"revision": "20250903",
 "rootUrl": "https://tpu.googleapis.com/",
 "schemas": {
 "AcceleratorConfig": {
@@ -1177,6 +1177,10 @@
 "sourceImage": {
 "description": "Optional. Image from which boot disk is to be created. If not specified, the default image for the runtime version will be used. Example: `projects/$PROJECT_ID/global/images/$IMAGE_NAME`.",
 "type": "string"
+},
+"storagePool": {
+"description": "Optional. The storage pool in which the boot disk is created. You can provide this as a partial or full URL to the resource.",
+"type": "string"
 }
 },
 "type": "object"

googleapiclient/discovery_cache/documents/trafficdirector.v2.json

@@ -128,7 +128,7 @@
 }
 }
 },
-"revision": "20240625",
+"revision": "20250908",
 "rootUrl": "https://trafficdirector.googleapis.com/",
 "schemas": {
 "Address": {
@@ -918,7 +918,7 @@
 "type": "object"
 },
 "ValueMatcher": {
-"description": "Specifies the way to match a ProtobufWkt::Value. Primitive values and ListValue are supported. StructValue is not supported and is always not matched. [#next-free-field: 7]",
+"description": "Specifies the way to match a Protobuf::Value. Primitive values and ListValue are supported. StructValue is not supported and is always not matched. [#next-free-field: 7]",
 "id": "ValueMatcher",
 "properties": {
 "boolMatch": {