diff --git a/alloydb/v1/alloydb-api.json b/alloydb/v1/alloydb-api.json index 1112565a961..5a4558c7ab5 100644 --- a/alloydb/v1/alloydb-api.json +++ b/alloydb/v1/alloydb-api.json @@ -1489,7 +1489,7 @@ } } }, - "revision": "20231128", + "revision": "20240103", "rootUrl": "https://alloydb.googleapis.com/", "schemas": { "AutomatedBackupPolicy": { @@ -3091,6 +3091,44 @@ }, "type": "object" }, + "StorageDatabasecenterPartnerapiV1mainCustomMetadataData": { + "description": "Any custom metadata associated with the resource. i.e. A spanner instance can have multiple databases with its own unique metadata. Information for these individual databases can be captured in custom metadata data", + "id": "StorageDatabasecenterPartnerapiV1mainCustomMetadataData", + "properties": { + "databaseMetadata": { + "items": { + "$ref": "StorageDatabasecenterPartnerapiV1mainDatabaseMetadata" + }, + "type": "array" + } + }, + "type": "object" + }, + "StorageDatabasecenterPartnerapiV1mainDatabaseMetadata": { + "description": "Metadata for individual databases created in an instance. i.e. spanner instance can have multiple databases with unique configuration settings.", + "id": "StorageDatabasecenterPartnerapiV1mainDatabaseMetadata", + "properties": { + "backupConfiguration": { + "$ref": "StorageDatabasecenterPartnerapiV1mainBackupConfiguration", + "description": "Backup configuration for this database" + }, + "backupRun": { + "$ref": "StorageDatabasecenterPartnerapiV1mainBackupRun", + "description": "Information about the last backup attempt for this database" + }, + "product": { + "$ref": "StorageDatabasecenterProtoCommonProduct" + }, + "resourceId": { + "$ref": "StorageDatabasecenterPartnerapiV1mainDatabaseResourceId" + }, + "resourceName": { + "description": "Required. Database name. Resource name to follow CAIS resource_name format as noted here go/condor-common-datamodel", + "type": "string" + } + }, + "type": "object" + }, "StorageDatabasecenterPartnerapiV1mainDatabaseResourceFeed": { "description": "DatabaseResourceFeed is the top level proto to be used to ingest different database resource level events into Condor platform.", "id": "StorageDatabasecenterPartnerapiV1mainDatabaseResourceFeed", @@ -3346,7 +3384,7 @@ "Represents if a resource violates NIST 800-53.", "Represents if a resource violates ISO-27001.", "Represents if a resource violates PCI-DSS v3.2.1.", - "LINT.IfChange(scc_signals) Represents if log_checkpoints database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if log_checkpoints database flag for a Cloud SQL for PostgreSQL instance is not set to on.", "Represents if the log_duration database flag for a Cloud SQL for PostgreSQL instance is not set to on.", "Represents if the log_error_verbosity database flag for a Cloud SQL for PostgreSQL instance is not set to default or stricter (default or terse).", "Represents if the log_lock_waits database flag for a Cloud SQL for PostgreSQL instance is not set to on.", @@ -3377,7 +3415,7 @@ "Represents if the remote access database flag for a Cloud SQL for SQL Server instance is not set to off.", "Represents if the skip_show_database database flag for a Cloud SQL for MySQL instance is not set to on.", "Represents if the 3625 (trace flag) database flag for a Cloud SQL for SQL Server instance is not set to on.", - "Represents if public IP is enabled. LINT.ThenChange(//depot/google3/storage/databasecenter/ingestion/borgjob/message_adapter/health_signal_feed/health_signal_mapping.h)" + "Represents if public IP is enabled." ], "type": "string" }, @@ -3482,12 +3520,8 @@ "type": "string" }, "customMetadata": { - "additionalProperties": { - "description": "Properties of the object.", - "type": "any" - }, - "description": "Any custom metadata associated with the resource (a JSON field)", - "type": "object" + "$ref": "StorageDatabasecenterPartnerapiV1mainCustomMetadataData", + "description": "Any custom metadata associated with the resource" }, "expectedState": { "description": "The state that the instance is expected to be in. For example, an instance state can transition to UNHEALTHY due to wrong patch update, while the expected state will remain at the HEALTHY.", @@ -3650,7 +3684,7 @@ "ENGINE_NATIVE", "NATIVE", "ENGINE_CLOUD_SPANNER_WITH_POSTGRES_DIALECT", - "SPANGRES", + "ENGINE_CLOUD_SPANNER_WITH_GOOGLESQL_DIALECT", "ENGINE_OTHER" ], "enumDeprecated": [ @@ -3664,7 +3698,7 @@ false, true, false, - true, + false, false ], "enumDescriptions": [ @@ -3677,8 +3711,8 @@ "SQLServer binary running as engine in database instance.", "Native database binary running as engine in instance.", "Native database binary running as engine in instance.", - "Cloud Spanner with Postgres dialect.", - "Cloud Spanner with Postgres dialect.", + "Cloud Spanner with PostgreSQL dialect.", + "Cloud Spanner with Google SQL dialect.", "Other refers to rest of other database engine. This is to be when engine is known, but it is not present in this enum." ], "type": "string" @@ -3692,7 +3726,6 @@ "PRODUCT_TYPE_ALLOYDB", "ALLOYDB", "PRODUCT_TYPE_SPANNER", - "SPANNER", "PRODUCT_TYPE_ON_PREM", "ON_PREM", "PRODUCT_TYPE_OTHER" @@ -3704,7 +3737,6 @@ false, true, false, - true, false, true, false @@ -3716,7 +3748,6 @@ "AlloyDB product area in GCP", "AlloyDB product area in GCP", "Spanner product area in GCP", - "Spanner product area in GCP", "On premises database product.", "On premises database product.", "Other refers to rest of other product type. This is to be when product type is known, but it is not present in this enum." diff --git a/alloydb/v1/alloydb-gen.go b/alloydb/v1/alloydb-gen.go index 38cf340623d..fc06a88117f 100644 --- a/alloydb/v1/alloydb-gen.go +++ b/alloydb/v1/alloydb-gen.go @@ -2676,6 +2676,80 @@ func (s *StorageDatabasecenterPartnerapiV1mainCompliance) MarshalJSON() ([]byte, return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// StorageDatabasecenterPartnerapiV1mainCustomMetadataData: Any custom +// metadata associated with the resource. i.e. A spanner instance can +// have multiple databases with its own unique metadata. Information for +// these individual databases can be captured in custom metadata data +type StorageDatabasecenterPartnerapiV1mainCustomMetadataData struct { + DatabaseMetadata []*StorageDatabasecenterPartnerapiV1mainDatabaseMetadata `json:"databaseMetadata,omitempty"` + + // ForceSendFields is a list of field names (e.g. "DatabaseMetadata") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "DatabaseMetadata") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *StorageDatabasecenterPartnerapiV1mainCustomMetadataData) MarshalJSON() ([]byte, error) { + type NoMethod StorageDatabasecenterPartnerapiV1mainCustomMetadataData + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// StorageDatabasecenterPartnerapiV1mainDatabaseMetadata: Metadata for +// individual databases created in an instance. i.e. spanner instance +// can have multiple databases with unique configuration settings. +type StorageDatabasecenterPartnerapiV1mainDatabaseMetadata struct { + // BackupConfiguration: Backup configuration for this database + BackupConfiguration *StorageDatabasecenterPartnerapiV1mainBackupConfiguration `json:"backupConfiguration,omitempty"` + + // BackupRun: Information about the last backup attempt for this + // database + BackupRun *StorageDatabasecenterPartnerapiV1mainBackupRun `json:"backupRun,omitempty"` + + Product *StorageDatabasecenterProtoCommonProduct `json:"product,omitempty"` + + ResourceId *StorageDatabasecenterPartnerapiV1mainDatabaseResourceId `json:"resourceId,omitempty"` + + // ResourceName: Required. Database name. Resource name to follow CAIS + // resource_name format as noted here go/condor-common-datamodel + ResourceName string `json:"resourceName,omitempty"` + + // ForceSendFields is a list of field names (e.g. "BackupConfiguration") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "BackupConfiguration") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *StorageDatabasecenterPartnerapiV1mainDatabaseMetadata) MarshalJSON() ([]byte, error) { + type NoMethod StorageDatabasecenterPartnerapiV1mainDatabaseMetadata + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // StorageDatabasecenterPartnerapiV1mainDatabaseResourceFeed: // DatabaseResourceFeed is the top level proto to be used to ingest // different database resource level events into Condor platform. @@ -2850,9 +2924,9 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // violates ISO-27001. // "SIGNAL_TYPE_VIOLATES_PCI_DSS_V3_2_1" - Represents if a resource // violates PCI-DSS v3.2.1. - // "SIGNAL_TYPE_LOGS_NOT_OPTIMIZED_FOR_TROUBLESHOOTING" - - // LINT.IfChange(scc_signals) Represents if log_checkpoints database - // flag for a Cloud SQL for PostgreSQL instance is not set to on. + // "SIGNAL_TYPE_LOGS_NOT_OPTIMIZED_FOR_TROUBLESHOOTING" - Represents + // if log_checkpoints database flag for a Cloud SQL for PostgreSQL + // instance is not set to on. // "SIGNAL_TYPE_QUERY_DURATIONS_NOT_LOGGED" - Represents if the // log_duration database flag for a Cloud SQL for PostgreSQL instance is // not set to on. @@ -2941,8 +3015,6 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // instance is not set to on. // "SIGNAL_TYPE_PUBLIC_IP_ENABLED" - Represents if public IP is // enabled. - // LINT.ThenChange(//depot/google3/storage/databasecenter/ingestion/borgj - // ob/message_adapter/health_signal_feed/health_signal_mapping.h) SignalType string `json:"signalType,omitempty"` // Possible values: @@ -3066,9 +3138,8 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceMetadata struct { // "STATE_OTHER" - For rest of the other category CurrentState string `json:"currentState,omitempty"` - // CustomMetadata: Any custom metadata associated with the resource (a - // JSON field) - CustomMetadata googleapi.RawMessage `json:"customMetadata,omitempty"` + // CustomMetadata: Any custom metadata associated with the resource + CustomMetadata *StorageDatabasecenterPartnerapiV1mainCustomMetadataData `json:"customMetadata,omitempty"` // ExpectedState: The state that the instance is expected to be in. For // example, an instance state can transition to UNHEALTHY due to wrong @@ -3260,8 +3331,9 @@ type StorageDatabasecenterProtoCommonProduct struct { // instance. // "NATIVE" - Native database binary running as engine in instance. // "ENGINE_CLOUD_SPANNER_WITH_POSTGRES_DIALECT" - Cloud Spanner with - // Postgres dialect. - // "SPANGRES" - Cloud Spanner with Postgres dialect. + // PostgreSQL dialect. + // "ENGINE_CLOUD_SPANNER_WITH_GOOGLESQL_DIALECT" - Cloud Spanner with + // Google SQL dialect. // "ENGINE_OTHER" - Other refers to rest of other database engine. // This is to be when engine is known, but it is not present in this // enum. @@ -3278,7 +3350,6 @@ type StorageDatabasecenterProtoCommonProduct struct { // "PRODUCT_TYPE_ALLOYDB" - AlloyDB product area in GCP // "ALLOYDB" - AlloyDB product area in GCP // "PRODUCT_TYPE_SPANNER" - Spanner product area in GCP - // "SPANNER" - Spanner product area in GCP // "PRODUCT_TYPE_ON_PREM" - On premises database product. // "ON_PREM" - On premises database product. // "PRODUCT_TYPE_OTHER" - Other refers to rest of other product type. diff --git a/alloydb/v1alpha/alloydb-api.json b/alloydb/v1alpha/alloydb-api.json index 7c91f91b390..94476c91207 100644 --- a/alloydb/v1alpha/alloydb-api.json +++ b/alloydb/v1alpha/alloydb-api.json @@ -1489,7 +1489,7 @@ } } }, - "revision": "20231206", + "revision": "20240103", "rootUrl": "https://alloydb.googleapis.com/", "schemas": { "AuthorizedNetwork": { @@ -2441,6 +2441,11 @@ "$ref": "PscInstanceConfig", "description": "Optional. The configuration for Private Service Connect (PSC) for the instance." }, + "publicIpAddress": { + "description": "Output only. The public IP addresses for the Instance. This is available ONLY when enable_public_ip is set. This is the connection endpoint for an end-user application.", + "readOnly": true, + "type": "string" + }, "queryInsightsConfig": { "$ref": "QueryInsightsInstanceConfig", "description": "Configuration for query insights." @@ -2879,7 +2884,7 @@ "type": "object" }, "PscConfig": { - "description": "PscConfig contains PSC related configuration at a cluster level. NEXT ID: 2", + "description": "PscConfig contains PSC related configuration at a cluster level.", "id": "PscConfig", "properties": { "pscEnabled": { @@ -2890,7 +2895,7 @@ "type": "object" }, "PscInstanceConfig": { - "description": "PscInstanceConfig contains PSC related configuration at an instance level. NEXT ID: 7", + "description": "PscInstanceConfig contains PSC related configuration at an instance level.", "id": "PscInstanceConfig", "properties": { "allowedConsumerNetworks": { @@ -3249,6 +3254,44 @@ }, "type": "object" }, + "StorageDatabasecenterPartnerapiV1mainCustomMetadataData": { + "description": "Any custom metadata associated with the resource. i.e. A spanner instance can have multiple databases with its own unique metadata. Information for these individual databases can be captured in custom metadata data", + "id": "StorageDatabasecenterPartnerapiV1mainCustomMetadataData", + "properties": { + "databaseMetadata": { + "items": { + "$ref": "StorageDatabasecenterPartnerapiV1mainDatabaseMetadata" + }, + "type": "array" + } + }, + "type": "object" + }, + "StorageDatabasecenterPartnerapiV1mainDatabaseMetadata": { + "description": "Metadata for individual databases created in an instance. i.e. spanner instance can have multiple databases with unique configuration settings.", + "id": "StorageDatabasecenterPartnerapiV1mainDatabaseMetadata", + "properties": { + "backupConfiguration": { + "$ref": "StorageDatabasecenterPartnerapiV1mainBackupConfiguration", + "description": "Backup configuration for this database" + }, + "backupRun": { + "$ref": "StorageDatabasecenterPartnerapiV1mainBackupRun", + "description": "Information about the last backup attempt for this database" + }, + "product": { + "$ref": "StorageDatabasecenterProtoCommonProduct" + }, + "resourceId": { + "$ref": "StorageDatabasecenterPartnerapiV1mainDatabaseResourceId" + }, + "resourceName": { + "description": "Required. Database name. Resource name to follow CAIS resource_name format as noted here go/condor-common-datamodel", + "type": "string" + } + }, + "type": "object" + }, "StorageDatabasecenterPartnerapiV1mainDatabaseResourceFeed": { "description": "DatabaseResourceFeed is the top level proto to be used to ingest different database resource level events into Condor platform.", "id": "StorageDatabasecenterPartnerapiV1mainDatabaseResourceFeed", @@ -3504,7 +3547,7 @@ "Represents if a resource violates NIST 800-53.", "Represents if a resource violates ISO-27001.", "Represents if a resource violates PCI-DSS v3.2.1.", - "LINT.IfChange(scc_signals) Represents if log_checkpoints database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if log_checkpoints database flag for a Cloud SQL for PostgreSQL instance is not set to on.", "Represents if the log_duration database flag for a Cloud SQL for PostgreSQL instance is not set to on.", "Represents if the log_error_verbosity database flag for a Cloud SQL for PostgreSQL instance is not set to default or stricter (default or terse).", "Represents if the log_lock_waits database flag for a Cloud SQL for PostgreSQL instance is not set to on.", @@ -3535,7 +3578,7 @@ "Represents if the remote access database flag for a Cloud SQL for SQL Server instance is not set to off.", "Represents if the skip_show_database database flag for a Cloud SQL for MySQL instance is not set to on.", "Represents if the 3625 (trace flag) database flag for a Cloud SQL for SQL Server instance is not set to on.", - "Represents if public IP is enabled. LINT.ThenChange(//depot/google3/storage/databasecenter/ingestion/borgjob/message_adapter/health_signal_feed/health_signal_mapping.h)" + "Represents if public IP is enabled." ], "type": "string" }, @@ -3640,12 +3683,8 @@ "type": "string" }, "customMetadata": { - "additionalProperties": { - "description": "Properties of the object.", - "type": "any" - }, - "description": "Any custom metadata associated with the resource (a JSON field)", - "type": "object" + "$ref": "StorageDatabasecenterPartnerapiV1mainCustomMetadataData", + "description": "Any custom metadata associated with the resource" }, "expectedState": { "description": "The state that the instance is expected to be in. For example, an instance state can transition to UNHEALTHY due to wrong patch update, while the expected state will remain at the HEALTHY.", @@ -3808,7 +3847,7 @@ "ENGINE_NATIVE", "NATIVE", "ENGINE_CLOUD_SPANNER_WITH_POSTGRES_DIALECT", - "SPANGRES", + "ENGINE_CLOUD_SPANNER_WITH_GOOGLESQL_DIALECT", "ENGINE_OTHER" ], "enumDeprecated": [ @@ -3822,7 +3861,7 @@ false, true, false, - true, + false, false ], "enumDescriptions": [ @@ -3835,8 +3874,8 @@ "SQLServer binary running as engine in database instance.", "Native database binary running as engine in instance.", "Native database binary running as engine in instance.", - "Cloud Spanner with Postgres dialect.", - "Cloud Spanner with Postgres dialect.", + "Cloud Spanner with PostgreSQL dialect.", + "Cloud Spanner with Google SQL dialect.", "Other refers to rest of other database engine. This is to be when engine is known, but it is not present in this enum." ], "type": "string" @@ -3850,7 +3889,6 @@ "PRODUCT_TYPE_ALLOYDB", "ALLOYDB", "PRODUCT_TYPE_SPANNER", - "SPANNER", "PRODUCT_TYPE_ON_PREM", "ON_PREM", "PRODUCT_TYPE_OTHER" @@ -3862,7 +3900,6 @@ false, true, false, - true, false, true, false @@ -3874,7 +3911,6 @@ "AlloyDB product area in GCP", "AlloyDB product area in GCP", "Spanner product area in GCP", - "Spanner product area in GCP", "On premises database product.", "On premises database product.", "Other refers to rest of other product type. This is to be when product type is known, but it is not present in this enum." diff --git a/alloydb/v1alpha/alloydb-gen.go b/alloydb/v1alpha/alloydb-gen.go index ed94e8e8bf6..fbd69e987a7 100644 --- a/alloydb/v1alpha/alloydb-gen.go +++ b/alloydb/v1alpha/alloydb-gen.go @@ -1509,6 +1509,11 @@ type Instance struct { // Connect (PSC) for the instance. PscInstanceConfig *PscInstanceConfig `json:"pscInstanceConfig,omitempty"` + // PublicIpAddress: Output only. The public IP addresses for the + // Instance. This is available ONLY when enable_public_ip is set. This + // is the connection endpoint for an end-user application. + PublicIpAddress string `json:"publicIpAddress,omitempty"` + // QueryInsightsConfig: Configuration for query insights. QueryInsightsConfig *QueryInsightsInstanceConfig `json:"queryInsightsConfig,omitempty"` @@ -2245,7 +2250,7 @@ func (s *PromoteClusterRequest) MarshalJSON() ([]byte, error) { } // PscConfig: PscConfig contains PSC related configuration at a cluster -// level. NEXT ID: 2 +// level. type PscConfig struct { // PscEnabled: Optional. Create an instance that allows connections from // Private Service Connect endpoints to the instance. @@ -2275,7 +2280,7 @@ func (s *PscConfig) MarshalJSON() ([]byte, error) { } // PscInstanceConfig: PscInstanceConfig contains PSC related -// configuration at an instance level. NEXT ID: 7 +// configuration at an instance level. type PscInstanceConfig struct { // AllowedConsumerNetworks: Optional. List of consumer networks that are // allowed to create PSC endpoints to service-attachments to this @@ -2918,6 +2923,80 @@ func (s *StorageDatabasecenterPartnerapiV1mainCompliance) MarshalJSON() ([]byte, return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// StorageDatabasecenterPartnerapiV1mainCustomMetadataData: Any custom +// metadata associated with the resource. i.e. A spanner instance can +// have multiple databases with its own unique metadata. Information for +// these individual databases can be captured in custom metadata data +type StorageDatabasecenterPartnerapiV1mainCustomMetadataData struct { + DatabaseMetadata []*StorageDatabasecenterPartnerapiV1mainDatabaseMetadata `json:"databaseMetadata,omitempty"` + + // ForceSendFields is a list of field names (e.g. "DatabaseMetadata") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "DatabaseMetadata") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *StorageDatabasecenterPartnerapiV1mainCustomMetadataData) MarshalJSON() ([]byte, error) { + type NoMethod StorageDatabasecenterPartnerapiV1mainCustomMetadataData + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// StorageDatabasecenterPartnerapiV1mainDatabaseMetadata: Metadata for +// individual databases created in an instance. i.e. spanner instance +// can have multiple databases with unique configuration settings. +type StorageDatabasecenterPartnerapiV1mainDatabaseMetadata struct { + // BackupConfiguration: Backup configuration for this database + BackupConfiguration *StorageDatabasecenterPartnerapiV1mainBackupConfiguration `json:"backupConfiguration,omitempty"` + + // BackupRun: Information about the last backup attempt for this + // database + BackupRun *StorageDatabasecenterPartnerapiV1mainBackupRun `json:"backupRun,omitempty"` + + Product *StorageDatabasecenterProtoCommonProduct `json:"product,omitempty"` + + ResourceId *StorageDatabasecenterPartnerapiV1mainDatabaseResourceId `json:"resourceId,omitempty"` + + // ResourceName: Required. Database name. Resource name to follow CAIS + // resource_name format as noted here go/condor-common-datamodel + ResourceName string `json:"resourceName,omitempty"` + + // ForceSendFields is a list of field names (e.g. "BackupConfiguration") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "BackupConfiguration") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *StorageDatabasecenterPartnerapiV1mainDatabaseMetadata) MarshalJSON() ([]byte, error) { + type NoMethod StorageDatabasecenterPartnerapiV1mainDatabaseMetadata + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // StorageDatabasecenterPartnerapiV1mainDatabaseResourceFeed: // DatabaseResourceFeed is the top level proto to be used to ingest // different database resource level events into Condor platform. @@ -3092,9 +3171,9 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // violates ISO-27001. // "SIGNAL_TYPE_VIOLATES_PCI_DSS_V3_2_1" - Represents if a resource // violates PCI-DSS v3.2.1. - // "SIGNAL_TYPE_LOGS_NOT_OPTIMIZED_FOR_TROUBLESHOOTING" - - // LINT.IfChange(scc_signals) Represents if log_checkpoints database - // flag for a Cloud SQL for PostgreSQL instance is not set to on. + // "SIGNAL_TYPE_LOGS_NOT_OPTIMIZED_FOR_TROUBLESHOOTING" - Represents + // if log_checkpoints database flag for a Cloud SQL for PostgreSQL + // instance is not set to on. // "SIGNAL_TYPE_QUERY_DURATIONS_NOT_LOGGED" - Represents if the // log_duration database flag for a Cloud SQL for PostgreSQL instance is // not set to on. @@ -3183,8 +3262,6 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // instance is not set to on. // "SIGNAL_TYPE_PUBLIC_IP_ENABLED" - Represents if public IP is // enabled. - // LINT.ThenChange(//depot/google3/storage/databasecenter/ingestion/borgj - // ob/message_adapter/health_signal_feed/health_signal_mapping.h) SignalType string `json:"signalType,omitempty"` // Possible values: @@ -3308,9 +3385,8 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceMetadata struct { // "STATE_OTHER" - For rest of the other category CurrentState string `json:"currentState,omitempty"` - // CustomMetadata: Any custom metadata associated with the resource (a - // JSON field) - CustomMetadata googleapi.RawMessage `json:"customMetadata,omitempty"` + // CustomMetadata: Any custom metadata associated with the resource + CustomMetadata *StorageDatabasecenterPartnerapiV1mainCustomMetadataData `json:"customMetadata,omitempty"` // ExpectedState: The state that the instance is expected to be in. For // example, an instance state can transition to UNHEALTHY due to wrong @@ -3502,8 +3578,9 @@ type StorageDatabasecenterProtoCommonProduct struct { // instance. // "NATIVE" - Native database binary running as engine in instance. // "ENGINE_CLOUD_SPANNER_WITH_POSTGRES_DIALECT" - Cloud Spanner with - // Postgres dialect. - // "SPANGRES" - Cloud Spanner with Postgres dialect. + // PostgreSQL dialect. + // "ENGINE_CLOUD_SPANNER_WITH_GOOGLESQL_DIALECT" - Cloud Spanner with + // Google SQL dialect. // "ENGINE_OTHER" - Other refers to rest of other database engine. // This is to be when engine is known, but it is not present in this // enum. @@ -3520,7 +3597,6 @@ type StorageDatabasecenterProtoCommonProduct struct { // "PRODUCT_TYPE_ALLOYDB" - AlloyDB product area in GCP // "ALLOYDB" - AlloyDB product area in GCP // "PRODUCT_TYPE_SPANNER" - Spanner product area in GCP - // "SPANNER" - Spanner product area in GCP // "PRODUCT_TYPE_ON_PREM" - On premises database product. // "ON_PREM" - On premises database product. // "PRODUCT_TYPE_OTHER" - Other refers to rest of other product type. diff --git a/alloydb/v1beta/alloydb-api.json b/alloydb/v1beta/alloydb-api.json index cf0e7b312ee..005ef67e4d6 100644 --- a/alloydb/v1beta/alloydb-api.json +++ b/alloydb/v1beta/alloydb-api.json @@ -1486,7 +1486,7 @@ } } }, - "revision": "20231206", + "revision": "20240103", "rootUrl": "https://alloydb.googleapis.com/", "schemas": { "AuthorizedNetwork": { @@ -2414,6 +2414,11 @@ "readOnly": true, "type": "array" }, + "publicIpAddress": { + "description": "Output only. The public IP addresses for the Instance. This is available ONLY when enable_public_ip is set. This is the connection endpoint for an end-user application.", + "readOnly": true, + "type": "string" + }, "queryInsightsConfig": { "$ref": "QueryInsightsInstanceConfig", "description": "Configuration for query insights." @@ -3144,6 +3149,44 @@ }, "type": "object" }, + "StorageDatabasecenterPartnerapiV1mainCustomMetadataData": { + "description": "Any custom metadata associated with the resource. i.e. A spanner instance can have multiple databases with its own unique metadata. Information for these individual databases can be captured in custom metadata data", + "id": "StorageDatabasecenterPartnerapiV1mainCustomMetadataData", + "properties": { + "databaseMetadata": { + "items": { + "$ref": "StorageDatabasecenterPartnerapiV1mainDatabaseMetadata" + }, + "type": "array" + } + }, + "type": "object" + }, + "StorageDatabasecenterPartnerapiV1mainDatabaseMetadata": { + "description": "Metadata for individual databases created in an instance. i.e. spanner instance can have multiple databases with unique configuration settings.", + "id": "StorageDatabasecenterPartnerapiV1mainDatabaseMetadata", + "properties": { + "backupConfiguration": { + "$ref": "StorageDatabasecenterPartnerapiV1mainBackupConfiguration", + "description": "Backup configuration for this database" + }, + "backupRun": { + "$ref": "StorageDatabasecenterPartnerapiV1mainBackupRun", + "description": "Information about the last backup attempt for this database" + }, + "product": { + "$ref": "StorageDatabasecenterProtoCommonProduct" + }, + "resourceId": { + "$ref": "StorageDatabasecenterPartnerapiV1mainDatabaseResourceId" + }, + "resourceName": { + "description": "Required. Database name. Resource name to follow CAIS resource_name format as noted here go/condor-common-datamodel", + "type": "string" + } + }, + "type": "object" + }, "StorageDatabasecenterPartnerapiV1mainDatabaseResourceFeed": { "description": "DatabaseResourceFeed is the top level proto to be used to ingest different database resource level events into Condor platform.", "id": "StorageDatabasecenterPartnerapiV1mainDatabaseResourceFeed", @@ -3399,7 +3442,7 @@ "Represents if a resource violates NIST 800-53.", "Represents if a resource violates ISO-27001.", "Represents if a resource violates PCI-DSS v3.2.1.", - "LINT.IfChange(scc_signals) Represents if log_checkpoints database flag for a Cloud SQL for PostgreSQL instance is not set to on.", + "Represents if log_checkpoints database flag for a Cloud SQL for PostgreSQL instance is not set to on.", "Represents if the log_duration database flag for a Cloud SQL for PostgreSQL instance is not set to on.", "Represents if the log_error_verbosity database flag for a Cloud SQL for PostgreSQL instance is not set to default or stricter (default or terse).", "Represents if the log_lock_waits database flag for a Cloud SQL for PostgreSQL instance is not set to on.", @@ -3430,7 +3473,7 @@ "Represents if the remote access database flag for a Cloud SQL for SQL Server instance is not set to off.", "Represents if the skip_show_database database flag for a Cloud SQL for MySQL instance is not set to on.", "Represents if the 3625 (trace flag) database flag for a Cloud SQL for SQL Server instance is not set to on.", - "Represents if public IP is enabled. LINT.ThenChange(//depot/google3/storage/databasecenter/ingestion/borgjob/message_adapter/health_signal_feed/health_signal_mapping.h)" + "Represents if public IP is enabled." ], "type": "string" }, @@ -3535,12 +3578,8 @@ "type": "string" }, "customMetadata": { - "additionalProperties": { - "description": "Properties of the object.", - "type": "any" - }, - "description": "Any custom metadata associated with the resource (a JSON field)", - "type": "object" + "$ref": "StorageDatabasecenterPartnerapiV1mainCustomMetadataData", + "description": "Any custom metadata associated with the resource" }, "expectedState": { "description": "The state that the instance is expected to be in. For example, an instance state can transition to UNHEALTHY due to wrong patch update, while the expected state will remain at the HEALTHY.", @@ -3703,7 +3742,7 @@ "ENGINE_NATIVE", "NATIVE", "ENGINE_CLOUD_SPANNER_WITH_POSTGRES_DIALECT", - "SPANGRES", + "ENGINE_CLOUD_SPANNER_WITH_GOOGLESQL_DIALECT", "ENGINE_OTHER" ], "enumDeprecated": [ @@ -3717,7 +3756,7 @@ false, true, false, - true, + false, false ], "enumDescriptions": [ @@ -3730,8 +3769,8 @@ "SQLServer binary running as engine in database instance.", "Native database binary running as engine in instance.", "Native database binary running as engine in instance.", - "Cloud Spanner with Postgres dialect.", - "Cloud Spanner with Postgres dialect.", + "Cloud Spanner with PostgreSQL dialect.", + "Cloud Spanner with Google SQL dialect.", "Other refers to rest of other database engine. This is to be when engine is known, but it is not present in this enum." ], "type": "string" @@ -3745,7 +3784,6 @@ "PRODUCT_TYPE_ALLOYDB", "ALLOYDB", "PRODUCT_TYPE_SPANNER", - "SPANNER", "PRODUCT_TYPE_ON_PREM", "ON_PREM", "PRODUCT_TYPE_OTHER" @@ -3757,7 +3795,6 @@ false, true, false, - true, false, true, false @@ -3769,7 +3806,6 @@ "AlloyDB product area in GCP", "AlloyDB product area in GCP", "Spanner product area in GCP", - "Spanner product area in GCP", "On premises database product.", "On premises database product.", "Other refers to rest of other product type. This is to be when product type is known, but it is not present in this enum." diff --git a/alloydb/v1beta/alloydb-gen.go b/alloydb/v1beta/alloydb-gen.go index 21dae5dc5a5..0010772629e 100644 --- a/alloydb/v1beta/alloydb-gen.go +++ b/alloydb/v1beta/alloydb-gen.go @@ -1490,6 +1490,11 @@ type Instance struct { // including the standby for a PRIMARY instance. Nodes []*Node `json:"nodes,omitempty"` + // PublicIpAddress: Output only. The public IP addresses for the + // Instance. This is available ONLY when enable_public_ip is set. This + // is the connection endpoint for an end-user application. + PublicIpAddress string `json:"publicIpAddress,omitempty"` + // QueryInsightsConfig: Configuration for query insights. QueryInsightsConfig *QueryInsightsInstanceConfig `json:"queryInsightsConfig,omitempty"` @@ -2762,6 +2767,80 @@ func (s *StorageDatabasecenterPartnerapiV1mainCompliance) MarshalJSON() ([]byte, return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// StorageDatabasecenterPartnerapiV1mainCustomMetadataData: Any custom +// metadata associated with the resource. i.e. A spanner instance can +// have multiple databases with its own unique metadata. Information for +// these individual databases can be captured in custom metadata data +type StorageDatabasecenterPartnerapiV1mainCustomMetadataData struct { + DatabaseMetadata []*StorageDatabasecenterPartnerapiV1mainDatabaseMetadata `json:"databaseMetadata,omitempty"` + + // ForceSendFields is a list of field names (e.g. "DatabaseMetadata") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "DatabaseMetadata") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *StorageDatabasecenterPartnerapiV1mainCustomMetadataData) MarshalJSON() ([]byte, error) { + type NoMethod StorageDatabasecenterPartnerapiV1mainCustomMetadataData + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// StorageDatabasecenterPartnerapiV1mainDatabaseMetadata: Metadata for +// individual databases created in an instance. i.e. spanner instance +// can have multiple databases with unique configuration settings. +type StorageDatabasecenterPartnerapiV1mainDatabaseMetadata struct { + // BackupConfiguration: Backup configuration for this database + BackupConfiguration *StorageDatabasecenterPartnerapiV1mainBackupConfiguration `json:"backupConfiguration,omitempty"` + + // BackupRun: Information about the last backup attempt for this + // database + BackupRun *StorageDatabasecenterPartnerapiV1mainBackupRun `json:"backupRun,omitempty"` + + Product *StorageDatabasecenterProtoCommonProduct `json:"product,omitempty"` + + ResourceId *StorageDatabasecenterPartnerapiV1mainDatabaseResourceId `json:"resourceId,omitempty"` + + // ResourceName: Required. Database name. Resource name to follow CAIS + // resource_name format as noted here go/condor-common-datamodel + ResourceName string `json:"resourceName,omitempty"` + + // ForceSendFields is a list of field names (e.g. "BackupConfiguration") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "BackupConfiguration") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *StorageDatabasecenterPartnerapiV1mainDatabaseMetadata) MarshalJSON() ([]byte, error) { + type NoMethod StorageDatabasecenterPartnerapiV1mainDatabaseMetadata + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // StorageDatabasecenterPartnerapiV1mainDatabaseResourceFeed: // DatabaseResourceFeed is the top level proto to be used to ingest // different database resource level events into Condor platform. @@ -2936,9 +3015,9 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // violates ISO-27001. // "SIGNAL_TYPE_VIOLATES_PCI_DSS_V3_2_1" - Represents if a resource // violates PCI-DSS v3.2.1. - // "SIGNAL_TYPE_LOGS_NOT_OPTIMIZED_FOR_TROUBLESHOOTING" - - // LINT.IfChange(scc_signals) Represents if log_checkpoints database - // flag for a Cloud SQL for PostgreSQL instance is not set to on. + // "SIGNAL_TYPE_LOGS_NOT_OPTIMIZED_FOR_TROUBLESHOOTING" - Represents + // if log_checkpoints database flag for a Cloud SQL for PostgreSQL + // instance is not set to on. // "SIGNAL_TYPE_QUERY_DURATIONS_NOT_LOGGED" - Represents if the // log_duration database flag for a Cloud SQL for PostgreSQL instance is // not set to on. @@ -3027,8 +3106,6 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData struc // instance is not set to on. // "SIGNAL_TYPE_PUBLIC_IP_ENABLED" - Represents if public IP is // enabled. - // LINT.ThenChange(//depot/google3/storage/databasecenter/ingestion/borgj - // ob/message_adapter/health_signal_feed/health_signal_mapping.h) SignalType string `json:"signalType,omitempty"` // Possible values: @@ -3152,9 +3229,8 @@ type StorageDatabasecenterPartnerapiV1mainDatabaseResourceMetadata struct { // "STATE_OTHER" - For rest of the other category CurrentState string `json:"currentState,omitempty"` - // CustomMetadata: Any custom metadata associated with the resource (a - // JSON field) - CustomMetadata googleapi.RawMessage `json:"customMetadata,omitempty"` + // CustomMetadata: Any custom metadata associated with the resource + CustomMetadata *StorageDatabasecenterPartnerapiV1mainCustomMetadataData `json:"customMetadata,omitempty"` // ExpectedState: The state that the instance is expected to be in. For // example, an instance state can transition to UNHEALTHY due to wrong @@ -3346,8 +3422,9 @@ type StorageDatabasecenterProtoCommonProduct struct { // instance. // "NATIVE" - Native database binary running as engine in instance. // "ENGINE_CLOUD_SPANNER_WITH_POSTGRES_DIALECT" - Cloud Spanner with - // Postgres dialect. - // "SPANGRES" - Cloud Spanner with Postgres dialect. + // PostgreSQL dialect. + // "ENGINE_CLOUD_SPANNER_WITH_GOOGLESQL_DIALECT" - Cloud Spanner with + // Google SQL dialect. // "ENGINE_OTHER" - Other refers to rest of other database engine. // This is to be when engine is known, but it is not present in this // enum. @@ -3364,7 +3441,6 @@ type StorageDatabasecenterProtoCommonProduct struct { // "PRODUCT_TYPE_ALLOYDB" - AlloyDB product area in GCP // "ALLOYDB" - AlloyDB product area in GCP // "PRODUCT_TYPE_SPANNER" - Spanner product area in GCP - // "SPANNER" - Spanner product area in GCP // "PRODUCT_TYPE_ON_PREM" - On premises database product. // "ON_PREM" - On premises database product. // "PRODUCT_TYPE_OTHER" - Other refers to rest of other product type. diff --git a/apigateway/v1/apigateway-api.json b/apigateway/v1/apigateway-api.json index fff19241608..1080000969a 100644 --- a/apigateway/v1/apigateway-api.json +++ b/apigateway/v1/apigateway-api.json @@ -1083,7 +1083,7 @@ } } }, - "revision": "20230802", + "revision": "20240103", "rootUrl": "https://apigateway.googleapis.com/", "schemas": { "ApigatewayApi": { @@ -1336,7 +1336,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/apigateway/v1/apigateway-gen.go b/apigateway/v1/apigateway-gen.go index d797008b968..e0944dde0af 100644 --- a/apigateway/v1/apigateway-gen.go +++ b/apigateway/v1/apigateway-gen.go @@ -616,11 +616,34 @@ type ApigatewayBinding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -632,7 +655,12 @@ type ApigatewayBinding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/apigateway/v1beta/apigateway-api.json b/apigateway/v1beta/apigateway-api.json index 68a2ed1ff59..b632cbbd059 100644 --- a/apigateway/v1beta/apigateway-api.json +++ b/apigateway/v1beta/apigateway-api.json @@ -1083,7 +1083,7 @@ } } }, - "revision": "20230802", + "revision": "20240103", "rootUrl": "https://apigateway.googleapis.com/", "schemas": { "ApigatewayApi": { @@ -1352,7 +1352,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/apigateway/v1beta/apigateway-gen.go b/apigateway/v1beta/apigateway-gen.go index 080e0322cf0..c61c9f9f379 100644 --- a/apigateway/v1beta/apigateway-gen.go +++ b/apigateway/v1beta/apigateway-gen.go @@ -660,11 +660,34 @@ type ApigatewayBinding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -676,7 +699,12 @@ type ApigatewayBinding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/apphub/v1/apphub-api.json b/apphub/v1/apphub-api.json index 76c98ede498..cca0b30b931 100644 --- a/apphub/v1/apphub-api.json +++ b/apphub/v1/apphub-api.json @@ -396,7 +396,7 @@ } } }, - "revision": "20231208", + "revision": "20240104", "rootUrl": "https://apphub.googleapis.com/", "schemas": { "AuditConfig": { @@ -456,7 +456,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/apphub/v1/apphub-gen.go b/apphub/v1/apphub-gen.go index 469a448a70c..31e4c8ea6ef 100644 --- a/apphub/v1/apphub-gen.go +++ b/apphub/v1/apphub-gen.go @@ -329,11 +329,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -345,7 +368,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/apphub/v1alpha/apphub-api.json b/apphub/v1alpha/apphub-api.json index da7f3fadd23..7b9396564f1 100644 --- a/apphub/v1alpha/apphub-api.json +++ b/apphub/v1alpha/apphub-api.json @@ -1378,7 +1378,7 @@ } } }, - "revision": "20231129", + "revision": "20240104", "rootUrl": "https://apphub.googleapis.com/", "schemas": { "Application": { @@ -1535,7 +1535,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/apphub/v1alpha/apphub-gen.go b/apphub/v1alpha/apphub-gen.go index c2edc89c661..373ec95f59c 100644 --- a/apphub/v1alpha/apphub-gen.go +++ b/apphub/v1alpha/apphub-gen.go @@ -504,11 +504,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -520,7 +543,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/batch/v1/batch-api.json b/batch/v1/batch-api.json index 0d366be0347..6de316fe627 100644 --- a/batch/v1/batch-api.json +++ b/batch/v1/batch-api.json @@ -561,7 +561,7 @@ } } }, - "revision": "20231213", + "revision": "20240103", "rootUrl": "https://batch.googleapis.com/", "schemas": { "Accelerator": { @@ -988,7 +988,7 @@ }, "network": { "$ref": "NetworkPolicy", - "description": "The network policy. If you define an instance template in the InstancePolicyOrTemplate field, Batch will use the network settings in the instance template instead of this field." + "description": "The network policy. If you define an instance template in the `InstancePolicyOrTemplate` field, Batch will use the network settings in the instance template instead of this field." }, "placement": { "$ref": "PlacementPolicy", @@ -1043,6 +1043,17 @@ "properties": {}, "type": "object" }, + "CloudLoggingOption": { + "description": "`CloudLoggingOption` contains additional settings for Cloud Logging logs generated by Batch job.", + "id": "CloudLoggingOption", + "properties": { + "useGenericTaskMonitoredResource": { + "description": "Optional. Set this flag to true to change the [monitored resource type](https://cloud.google.com/monitoring/api/resources) for Cloud Logging logs generated by this Batch job from the [`batch.googleapis.com/Job`](https://cloud.google.com/monitoring/api/resources#tag_batch.googleapis.com/Job) type to the formerly used [`generic_task`](https://cloud.google.com/monitoring/api/resources#tag_generic_task) type.", + "type": "boolean" + } + }, + "type": "object" + }, "ComputeResource": { "description": "Compute resource requirements. ComputeResource defines the amount of resources required for each task. Make sure your tasks have enough resources to successfully run. If you also define the types of resources for a job to use with the [InstancePolicyOrTemplate](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicyortemplate) field, make sure both fields are compatible with each other.", "id": "ComputeResource", @@ -1081,7 +1092,7 @@ "type": "array" }, "enableImageStreaming": { - "description": "Optional. If set to true, container will run with Image streaming. The container runtime will be changed to containerd instead of docker. Currently, only imageUri, commands, entrypoint and volumes are supported and any other fields will be ignored. Please refer [here](https://github.com/GoogleCloudPlatform/batch-samples/tree/main/api-samples/image-streaming) for the feature requirements and limitations.", + "description": "Optional. If set to true, this container runnable uses Image streaming. Use Image streaming to allow the runnable to initialize without waiting for the entire container image to download, which can significantly reduce startup time for large container images. When `enableImageStreaming` is set to true, the container runtime is [containerd](https://containerd.io/) instead of Docker. Additionally, this container runnable only supports the following `container` subfields: `imageUri`, `commands[]`, `entrypoint`, and `volumes[]`; any other `container` subfields are ignored. For more information about the requirements and limitations for using Image streaming with Batch, see the [`image-streaming` sample on GitHub](https://github.com/GoogleCloudPlatform/batch-samples/tree/main/api-samples/image-streaming).", "type": "boolean" }, "entrypoint": { @@ -1599,6 +1610,10 @@ "description": "LogsPolicy describes how outputs from a Job's Tasks (stdout/stderr) will be preserved.", "id": "LogsPolicy", "properties": { + "cloudLoggingOption": { + "$ref": "CloudLoggingOption", + "description": "Optional. Additional settings for Cloud Logging. It will only take effect when the destination of `LogsPolicy` is set to `CLOUD_LOGGING`." + }, "destination": { "description": "Where logs should be saved.", "enum": [ @@ -2081,6 +2096,10 @@ "description": "When true, Batch will populate a file with a list of all VMs assigned to the TaskGroup and set the BATCH_HOSTS_FILE environment variable to the path of that file. Defaults to false.", "type": "boolean" }, + "runAsNonRoot": { + "description": "Optional. If not set or set to false, Batch will use root user to execute runnables. If set to true, Batch will make sure to run the runnables using non-root user. Currently, the non-root user Batch used is generated by OS login. Reference: https://cloud.google.com/compute/docs/oslogin", + "type": "boolean" + }, "schedulingPolicy": { "description": "Scheduling policy for Tasks in the TaskGroup. The default value is AS_SOON_AS_POSSIBLE.", "enum": [ diff --git a/batch/v1/batch-gen.go b/batch/v1/batch-gen.go index bcc4b09cf8a..37114f78193 100644 --- a/batch/v1/batch-gen.go +++ b/batch/v1/batch-gen.go @@ -874,7 +874,7 @@ type AllocationPolicy struct { Location *LocationPolicy `json:"location,omitempty"` // Network: The network policy. If you define an instance template in - // the InstancePolicyOrTemplate field, Batch will use the network + // the `InstancePolicyOrTemplate` field, Batch will use the network // settings in the instance template instead of this field. Network *NetworkPolicy `json:"network,omitempty"` @@ -985,6 +985,44 @@ func (s *Barrier) MarshalJSON() ([]byte, error) { type CancelOperationRequest struct { } +// CloudLoggingOption: `CloudLoggingOption` contains additional settings +// for Cloud Logging logs generated by Batch job. +type CloudLoggingOption struct { + // UseGenericTaskMonitoredResource: Optional. Set this flag to true to + // change the monitored resource type + // (https://cloud.google.com/monitoring/api/resources) for Cloud Logging + // logs generated by this Batch job from the `batch.googleapis.com/Job` + // (https://cloud.google.com/monitoring/api/resources#tag_batch.googleapis.com/Job) + // type to the formerly used `generic_task` + // (https://cloud.google.com/monitoring/api/resources#tag_generic_task) + // type. + UseGenericTaskMonitoredResource bool `json:"useGenericTaskMonitoredResource,omitempty"` + + // ForceSendFields is a list of field names (e.g. + // "UseGenericTaskMonitoredResource") to unconditionally include in API + // requests. By default, fields with empty or default values are omitted + // from API requests. However, any non-pointer, non-interface field + // appearing in ForceSendFields will be sent to the server regardless of + // whether the field is empty or not. This may be used to include empty + // fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. + // "UseGenericTaskMonitoredResource") to include in API requests with + // the JSON null value. By default, fields with empty values are omitted + // from API requests. However, any field with an empty value appearing + // in NullFields will be sent to the server as null. It is an error if a + // field in this list has a non-empty value. This may be used to include + // null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *CloudLoggingOption) MarshalJSON() ([]byte, error) { + type NoMethod CloudLoggingOption + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // ComputeResource: Compute resource requirements. ComputeResource // defines the amount of resources required for each task. Make sure // your tasks have enough resources to successfully run. If you also @@ -1068,13 +1106,19 @@ type Container struct { // ENTRYPOINT. Commands []string `json:"commands,omitempty"` - // EnableImageStreaming: Optional. If set to true, container will run - // with Image streaming. The container runtime will be changed to - // containerd instead of docker. Currently, only imageUri, commands, - // entrypoint and volumes are supported and any other fields will be - // ignored. Please refer here - // (https://github.com/GoogleCloudPlatform/batch-samples/tree/main/api-samples/image-streaming) - // for the feature requirements and limitations. + // EnableImageStreaming: Optional. If set to true, this container + // runnable uses Image streaming. Use Image streaming to allow the + // runnable to initialize without waiting for the entire container image + // to download, which can significantly reduce startup time for large + // container images. When `enableImageStreaming` is set to true, the + // container runtime is containerd (https://containerd.io/) instead of + // Docker. Additionally, this container runnable only supports the + // following `container` subfields: `imageUri`, `commands[]`, + // `entrypoint`, and `volumes[]`; any other `container` subfields are + // ignored. For more information about the requirements and limitations + // for using Image streaming with Batch, see the `image-streaming` + // sample on GitHub + // (https://github.com/GoogleCloudPlatform/batch-samples/tree/main/api-samples/image-streaming). EnableImageStreaming bool `json:"enableImageStreaming,omitempty"` // Entrypoint: Overrides the `ENTRYPOINT` specified in the container. @@ -1928,6 +1972,11 @@ func (s *LocationPolicy) MarshalJSON() ([]byte, error) { // LogsPolicy: LogsPolicy describes how outputs from a Job's Tasks // (stdout/stderr) will be preserved. type LogsPolicy struct { + // CloudLoggingOption: Optional. Additional settings for Cloud Logging. + // It will only take effect when the destination of `LogsPolicy` is set + // to `CLOUD_LOGGING`. + CloudLoggingOption *CloudLoggingOption `json:"cloudLoggingOption,omitempty"` + // Destination: Where logs should be saved. // // Possible values: @@ -1941,20 +1990,21 @@ type LogsPolicy struct { // point of a Persistent Disk or Filestore, or a Cloud Storage path. LogsPath string `json:"logsPath,omitempty"` - // ForceSendFields is a list of field names (e.g. "Destination") to - // unconditionally include in API requests. By default, fields with + // ForceSendFields is a list of field names (e.g. "CloudLoggingOption") + // to unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "Destination") to include - // in API requests with the JSON null value. By default, fields with - // empty values are omitted from API requests. However, any field with - // an empty value appearing in NullFields will be sent to the server as - // null. It is an error if a field in this list has a non-empty value. - // This may be used to include null fields in Patch requests. + // NullFields is a list of field names (e.g. "CloudLoggingOption") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. NullFields []string `json:"-"` } @@ -2717,6 +2767,13 @@ type TaskGroup struct { // environment variable to the path of that file. Defaults to false. RequireHostsFile bool `json:"requireHostsFile,omitempty"` + // RunAsNonRoot: Optional. If not set or set to false, Batch will use + // root user to execute runnables. If set to true, Batch will make sure + // to run the runnables using non-root user. Currently, the non-root + // user Batch used is generated by OS login. Reference: + // https://cloud.google.com/compute/docs/oslogin + RunAsNonRoot bool `json:"runAsNonRoot,omitempty"` + // SchedulingPolicy: Scheduling policy for Tasks in the TaskGroup. The // default value is AS_SOON_AS_POSSIBLE. // diff --git a/beyondcorp/v1/beyondcorp-api.json b/beyondcorp/v1/beyondcorp-api.json index 562c2fb4684..c6683db7d18 100644 --- a/beyondcorp/v1/beyondcorp-api.json +++ b/beyondcorp/v1/beyondcorp-api.json @@ -1804,7 +1804,7 @@ } } }, - "revision": "20230911", + "revision": "20240103", "rootUrl": "https://beyondcorp.googleapis.com/", "schemas": { "AllocatedConnection": { @@ -3124,7 +3124,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/beyondcorp/v1/beyondcorp-gen.go b/beyondcorp/v1/beyondcorp-gen.go index 5e9729007a3..f31147f43a3 100644 --- a/beyondcorp/v1/beyondcorp-gen.go +++ b/beyondcorp/v1/beyondcorp-gen.go @@ -2219,11 +2219,34 @@ type GoogleIamV1Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -2235,7 +2258,12 @@ type GoogleIamV1Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/beyondcorp/v1alpha/beyondcorp-api.json b/beyondcorp/v1alpha/beyondcorp-api.json index 13a72aab7fd..62eb4812a11 100644 --- a/beyondcorp/v1alpha/beyondcorp-api.json +++ b/beyondcorp/v1alpha/beyondcorp-api.json @@ -3716,7 +3716,7 @@ } } }, - "revision": "20231025", + "revision": "20240103", "rootUrl": "https://beyondcorp.googleapis.com/", "schemas": { "AllocatedConnection": { @@ -5924,7 +5924,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/beyondcorp/v1alpha/beyondcorp-gen.go b/beyondcorp/v1alpha/beyondcorp-gen.go index ab797d450ff..1c13493cb74 100644 --- a/beyondcorp/v1alpha/beyondcorp-gen.go +++ b/beyondcorp/v1alpha/beyondcorp-gen.go @@ -3637,11 +3637,34 @@ type GoogleIamV1Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -3653,7 +3676,12 @@ type GoogleIamV1Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/cloudasset/v1/cloudasset-api.json b/cloudasset/v1/cloudasset-api.json index b4fda091915..eb073b4037c 100644 --- a/cloudasset/v1/cloudasset-api.json +++ b/cloudasset/v1/cloudasset-api.json @@ -1095,7 +1095,7 @@ } } }, - "revision": "20231214", + "revision": "20240105", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AccessSelector": { @@ -2950,11 +2950,11 @@ "id": "GoogleIdentityAccesscontextmanagerV1MethodSelector", "properties": { "method": { - "description": "Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are allowed.", + "description": "A valid method name for the corresponding `service_name` in ApiOperation. If `*` is used as the value for the `method`, then ALL methods and permissions are allowed.", "type": "string" }, "permission": { - "description": "Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.", + "description": "A valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.", "type": "string" } }, diff --git a/cloudasset/v1/cloudasset-gen.go b/cloudasset/v1/cloudasset-gen.go index 70248f8bb14..4c43c6cf098 100644 --- a/cloudasset/v1/cloudasset-gen.go +++ b/cloudasset/v1/cloudasset-gen.go @@ -3940,13 +3940,13 @@ func (s *GoogleIdentityAccesscontextmanagerV1IngressTo) MarshalJSON() ([]byte, e // GoogleIdentityAccesscontextmanagerV1MethodSelector: An allowed method // or permission of a service specified in ApiOperation. type GoogleIdentityAccesscontextmanagerV1MethodSelector struct { - // Method: Value for `method` should be a valid method name for the - // corresponding `service_name` in ApiOperation. If `*` used as value - // for `method`, then ALL methods and permissions are allowed. + // Method: A valid method name for the corresponding `service_name` in + // ApiOperation. If `*` is used as the value for the `method`, then ALL + // methods and permissions are allowed. Method string `json:"method,omitempty"` - // Permission: Value for `permission` should be a valid Cloud IAM - // permission for the corresponding `service_name` in ApiOperation. + // Permission: A valid Cloud IAM permission for the corresponding + // `service_name` in ApiOperation. Permission string `json:"permission,omitempty"` // ForceSendFields is a list of field names (e.g. "Method") to diff --git a/cloudasset/v1beta1/cloudasset-api.json b/cloudasset/v1beta1/cloudasset-api.json index d8e0898ee09..0ea52e02673 100644 --- a/cloudasset/v1beta1/cloudasset-api.json +++ b/cloudasset/v1beta1/cloudasset-api.json @@ -411,7 +411,7 @@ } } }, - "revision": "20231214", + "revision": "20240105", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AnalyzeIamPolicyLongrunningMetadata": { @@ -1316,11 +1316,11 @@ "id": "GoogleIdentityAccesscontextmanagerV1MethodSelector", "properties": { "method": { - "description": "Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are allowed.", + "description": "A valid method name for the corresponding `service_name` in ApiOperation. If `*` is used as the value for the `method`, then ALL methods and permissions are allowed.", "type": "string" }, "permission": { - "description": "Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.", + "description": "A valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.", "type": "string" } }, diff --git a/cloudasset/v1beta1/cloudasset-gen.go b/cloudasset/v1beta1/cloudasset-gen.go index c98a5118af3..97b909bcbdb 100644 --- a/cloudasset/v1beta1/cloudasset-gen.go +++ b/cloudasset/v1beta1/cloudasset-gen.go @@ -2067,13 +2067,13 @@ func (s *GoogleIdentityAccesscontextmanagerV1IngressTo) MarshalJSON() ([]byte, e // GoogleIdentityAccesscontextmanagerV1MethodSelector: An allowed method // or permission of a service specified in ApiOperation. type GoogleIdentityAccesscontextmanagerV1MethodSelector struct { - // Method: Value for `method` should be a valid method name for the - // corresponding `service_name` in ApiOperation. If `*` used as value - // for `method`, then ALL methods and permissions are allowed. + // Method: A valid method name for the corresponding `service_name` in + // ApiOperation. If `*` is used as the value for the `method`, then ALL + // methods and permissions are allowed. Method string `json:"method,omitempty"` - // Permission: Value for `permission` should be a valid Cloud IAM - // permission for the corresponding `service_name` in ApiOperation. + // Permission: A valid Cloud IAM permission for the corresponding + // `service_name` in ApiOperation. Permission string `json:"permission,omitempty"` // ForceSendFields is a list of field names (e.g. "Method") to diff --git a/cloudasset/v1p1beta1/cloudasset-api.json b/cloudasset/v1p1beta1/cloudasset-api.json index 1633a42208b..ab94aa292b4 100644 --- a/cloudasset/v1p1beta1/cloudasset-api.json +++ b/cloudasset/v1p1beta1/cloudasset-api.json @@ -207,7 +207,7 @@ } } }, - "revision": "20231214", + "revision": "20240105", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AnalyzeIamPolicyLongrunningMetadata": { @@ -1018,11 +1018,11 @@ "id": "GoogleIdentityAccesscontextmanagerV1MethodSelector", "properties": { "method": { - "description": "Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are allowed.", + "description": "A valid method name for the corresponding `service_name` in ApiOperation. If `*` is used as the value for the `method`, then ALL methods and permissions are allowed.", "type": "string" }, "permission": { - "description": "Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.", + "description": "A valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.", "type": "string" } }, diff --git a/cloudasset/v1p1beta1/cloudasset-gen.go b/cloudasset/v1p1beta1/cloudasset-gen.go index e8c9af6aea2..cd6ca4981ce 100644 --- a/cloudasset/v1p1beta1/cloudasset-gen.go +++ b/cloudasset/v1p1beta1/cloudasset-gen.go @@ -1849,13 +1849,13 @@ func (s *GoogleIdentityAccesscontextmanagerV1IngressTo) MarshalJSON() ([]byte, e // GoogleIdentityAccesscontextmanagerV1MethodSelector: An allowed method // or permission of a service specified in ApiOperation. type GoogleIdentityAccesscontextmanagerV1MethodSelector struct { - // Method: Value for `method` should be a valid method name for the - // corresponding `service_name` in ApiOperation. If `*` used as value - // for `method`, then ALL methods and permissions are allowed. + // Method: A valid method name for the corresponding `service_name` in + // ApiOperation. If `*` is used as the value for the `method`, then ALL + // methods and permissions are allowed. Method string `json:"method,omitempty"` - // Permission: Value for `permission` should be a valid Cloud IAM - // permission for the corresponding `service_name` in ApiOperation. + // Permission: A valid Cloud IAM permission for the corresponding + // `service_name` in ApiOperation. Permission string `json:"permission,omitempty"` // ForceSendFields is a list of field names (e.g. "Method") to diff --git a/cloudasset/v1p5beta1/cloudasset-api.json b/cloudasset/v1p5beta1/cloudasset-api.json index 5dd8ca70cb5..9eecb15b9cc 100644 --- a/cloudasset/v1p5beta1/cloudasset-api.json +++ b/cloudasset/v1p5beta1/cloudasset-api.json @@ -177,7 +177,7 @@ } } }, - "revision": "20231214", + "revision": "20240105", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AnalyzeIamPolicyLongrunningMetadata": { @@ -1023,11 +1023,11 @@ "id": "GoogleIdentityAccesscontextmanagerV1MethodSelector", "properties": { "method": { - "description": "Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are allowed.", + "description": "A valid method name for the corresponding `service_name` in ApiOperation. If `*` is used as the value for the `method`, then ALL methods and permissions are allowed.", "type": "string" }, "permission": { - "description": "Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.", + "description": "A valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.", "type": "string" } }, diff --git a/cloudasset/v1p5beta1/cloudasset-gen.go b/cloudasset/v1p5beta1/cloudasset-gen.go index 71474368372..a71639678dc 100644 --- a/cloudasset/v1p5beta1/cloudasset-gen.go +++ b/cloudasset/v1p5beta1/cloudasset-gen.go @@ -1890,13 +1890,13 @@ func (s *GoogleIdentityAccesscontextmanagerV1IngressTo) MarshalJSON() ([]byte, e // GoogleIdentityAccesscontextmanagerV1MethodSelector: An allowed method // or permission of a service specified in ApiOperation. type GoogleIdentityAccesscontextmanagerV1MethodSelector struct { - // Method: Value for `method` should be a valid method name for the - // corresponding `service_name` in ApiOperation. If `*` used as value - // for `method`, then ALL methods and permissions are allowed. + // Method: A valid method name for the corresponding `service_name` in + // ApiOperation. If `*` is used as the value for the `method`, then ALL + // methods and permissions are allowed. Method string `json:"method,omitempty"` - // Permission: Value for `permission` should be a valid Cloud IAM - // permission for the corresponding `service_name` in ApiOperation. + // Permission: A valid Cloud IAM permission for the corresponding + // `service_name` in ApiOperation. Permission string `json:"permission,omitempty"` // ForceSendFields is a list of field names (e.g. "Method") to diff --git a/cloudasset/v1p7beta1/cloudasset-api.json b/cloudasset/v1p7beta1/cloudasset-api.json index 159649bb180..232af16408a 100644 --- a/cloudasset/v1p7beta1/cloudasset-api.json +++ b/cloudasset/v1p7beta1/cloudasset-api.json @@ -167,7 +167,7 @@ } } }, - "revision": "20231214", + "revision": "20240105", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AnalyzeIamPolicyLongrunningMetadata": { @@ -1092,11 +1092,11 @@ "id": "GoogleIdentityAccesscontextmanagerV1MethodSelector", "properties": { "method": { - "description": "Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are allowed.", + "description": "A valid method name for the corresponding `service_name` in ApiOperation. If `*` is used as the value for the `method`, then ALL methods and permissions are allowed.", "type": "string" }, "permission": { - "description": "Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.", + "description": "A valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.", "type": "string" } }, diff --git a/cloudasset/v1p7beta1/cloudasset-gen.go b/cloudasset/v1p7beta1/cloudasset-gen.go index 32df4a0aaec..a4cbbaecc53 100644 --- a/cloudasset/v1p7beta1/cloudasset-gen.go +++ b/cloudasset/v1p7beta1/cloudasset-gen.go @@ -2101,13 +2101,13 @@ func (s *GoogleIdentityAccesscontextmanagerV1IngressTo) MarshalJSON() ([]byte, e // GoogleIdentityAccesscontextmanagerV1MethodSelector: An allowed method // or permission of a service specified in ApiOperation. type GoogleIdentityAccesscontextmanagerV1MethodSelector struct { - // Method: Value for `method` should be a valid method name for the - // corresponding `service_name` in ApiOperation. If `*` used as value - // for `method`, then ALL methods and permissions are allowed. + // Method: A valid method name for the corresponding `service_name` in + // ApiOperation. If `*` is used as the value for the `method`, then ALL + // methods and permissions are allowed. Method string `json:"method,omitempty"` - // Permission: Value for `permission` should be a valid Cloud IAM - // permission for the corresponding `service_name` in ApiOperation. + // Permission: A valid Cloud IAM permission for the corresponding + // `service_name` in ApiOperation. Permission string `json:"permission,omitempty"` // ForceSendFields is a list of field names (e.g. "Method") to diff --git a/cloudbuild/v1/cloudbuild-api.json b/cloudbuild/v1/cloudbuild-api.json index 5df8ea0db01..5ea7558959a 100644 --- a/cloudbuild/v1/cloudbuild-api.json +++ b/cloudbuild/v1/cloudbuild-api.json @@ -2319,7 +2319,7 @@ } } }, - "revision": "20231127", + "revision": "20240109", "rootUrl": "https://cloudbuild.googleapis.com/", "schemas": { "ApprovalConfig": { @@ -4608,16 +4608,16 @@ "type": "string" }, "commentControl": { - "description": "Configure builds to run whether a repository owner or collaborator need to comment `/gcbrun`.", + "description": "If CommentControl is enabled, depending on the setting, builds may not fire until a repository writer comments `/gcbrun` on a pull request or `/gcbrun` is in the pull request description. Only PR comments that contain `/gcbrun` will trigger builds. If CommentControl is set to disabled, comments with `/gcbrun` from a user with repository write permission or above will still trigger builds to run.", "enum": [ "COMMENTS_DISABLED", "COMMENTS_ENABLED", "COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY" ], "enumDescriptions": [ - "Do not require comments on Pull Requests before builds are triggered.", - "Enforce that repository owners or collaborators must comment on Pull Requests before builds are triggered.", - "Enforce that repository owners or collaborators must comment on external contributors' Pull Requests before builds are triggered." + "Do not require `/gcbrun` comments from a user with repository write permission or above on pull requests before builds are triggered. Comments that contain `/gcbrun` will still fire builds so this should be thought of as comments not required.", + "Builds will only fire in response to pull requests if: 1. The pull request author has repository write permission or above and `/gcbrun` is in the PR description. 2. A user with repository writer permissions or above comments `/gcbrun` on a pull request authored by any user.", + "Builds will only fire in response to pull requests if: 1. The pull request author is a repository writer or above. 2. If the author does not have write permissions, a user with write permissions or above must comment `/gcbrun` in order to fire a build." ], "type": "string" }, diff --git a/cloudbuild/v1/cloudbuild-gen.go b/cloudbuild/v1/cloudbuild-gen.go index 67a2858489f..2b37d3b4593 100644 --- a/cloudbuild/v1/cloudbuild-gen.go +++ b/cloudbuild/v1/cloudbuild-gen.go @@ -3969,18 +3969,29 @@ type PullRequestFilter struct { // https://github.com/google/re2/wiki/Syntax Branch string `json:"branch,omitempty"` - // CommentControl: Configure builds to run whether a repository owner or - // collaborator need to comment `/gcbrun`. + // CommentControl: If CommentControl is enabled, depending on the + // setting, builds may not fire until a repository writer comments + // `/gcbrun` on a pull request or `/gcbrun` is in the pull request + // description. Only PR comments that contain `/gcbrun` will trigger + // builds. If CommentControl is set to disabled, comments with `/gcbrun` + // from a user with repository write permission or above will still + // trigger builds to run. // // Possible values: - // "COMMENTS_DISABLED" - Do not require comments on Pull Requests - // before builds are triggered. - // "COMMENTS_ENABLED" - Enforce that repository owners or - // collaborators must comment on Pull Requests before builds are - // triggered. - // "COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY" - Enforce that - // repository owners or collaborators must comment on external - // contributors' Pull Requests before builds are triggered. + // "COMMENTS_DISABLED" - Do not require `/gcbrun` comments from a user + // with repository write permission or above on pull requests before + // builds are triggered. Comments that contain `/gcbrun` will still fire + // builds so this should be thought of as comments not required. + // "COMMENTS_ENABLED" - Builds will only fire in response to pull + // requests if: 1. The pull request author has repository write + // permission or above and `/gcbrun` is in the PR description. 2. A user + // with repository writer permissions or above comments `/gcbrun` on a + // pull request authored by any user. + // "COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY" - Builds will + // only fire in response to pull requests if: 1. The pull request author + // is a repository writer or above. 2. If the author does not have write + // permissions, a user with write permissions or above must comment + // `/gcbrun` in order to fire a build. CommentControl string `json:"commentControl,omitempty"` // InvertRegex: If true, branches that do NOT match the git_ref will diff --git a/cloudchannel/v1/cloudchannel-api.json b/cloudchannel/v1/cloudchannel-api.json index 2fdb09bb945..0b92f2e573b 100644 --- a/cloudchannel/v1/cloudchannel-api.json +++ b/cloudchannel/v1/cloudchannel-api.json @@ -2183,7 +2183,7 @@ } } }, - "revision": "20231220", + "revision": "20240109", "rootUrl": "https://cloudchannel.googleapis.com/", "schemas": { "GoogleCloudChannelV1ActivateEntitlementRequest": { @@ -2459,7 +2459,7 @@ "id": "GoogleCloudChannelV1CheckCloudIdentityAccountsExistRequest", "properties": { "domain": { - "description": "Required. Domain to fetch for Cloud Identity account customer.", + "description": "Required. Domain to fetch for Cloud Identity account customers, including domained and domainless.", "type": "string" } }, diff --git a/cloudchannel/v1/cloudchannel-gen.go b/cloudchannel/v1/cloudchannel-gen.go index d7640f9f179..c4bf0e38e99 100644 --- a/cloudchannel/v1/cloudchannel-gen.go +++ b/cloudchannel/v1/cloudchannel-gen.go @@ -864,7 +864,7 @@ func (s *GoogleCloudChannelV1ChannelPartnerRepricingConfig) MarshalJSON() ([]byt // message for CloudChannelService.CheckCloudIdentityAccountsExist. type GoogleCloudChannelV1CheckCloudIdentityAccountsExistRequest struct { // Domain: Required. Domain to fetch for Cloud Identity account - // customer. + // customers, including domained and domainless. Domain string `json:"domain,omitempty"` // ForceSendFields is a list of field names (e.g. "Domain") to diff --git a/clouddeploy/v1/clouddeploy-api.json b/clouddeploy/v1/clouddeploy-api.json index 79b03a59436..a127cfb446e 100644 --- a/clouddeploy/v1/clouddeploy-api.json +++ b/clouddeploy/v1/clouddeploy-api.json @@ -219,14 +219,14 @@ "type": "string" }, "parent": { - "description": "Required. The parent collection in which the `CustomTargetType` should be created in. Format should be `projects/{project_id}/locations/{location_name}`.", + "description": "Required. The parent collection in which the `CustomTargetType` should be created. Format should be `projects/{project_id}/locations/{location_name}`.", "location": "path", "pattern": "^projects/[^/]+/locations/[^/]+$", "required": true, "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, @@ -274,7 +274,7 @@ "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, @@ -385,12 +385,12 @@ "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, "updateMask": { - "description": "Required. Field mask is used to specify the fields to be overwritten in the `CustomTargetType` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.", + "description": "Required. Field mask is used to specify the fields to be overwritten in the `CustomTargetType` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it's in the mask. If the user doesn't provide a mask then all fields are overwritten.", "format": "google-fieldmask", "location": "query", "type": "string" @@ -438,7 +438,7 @@ "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, @@ -491,7 +491,7 @@ "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, @@ -633,12 +633,12 @@ "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, "updateMask": { - "description": "Required. Field mask is used to specify the fields to be overwritten in the `DeliveryPipeline` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.", + "description": "Required. Field mask is used to specify the fields to be overwritten in the `DeliveryPipeline` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it's in the mask. If the user doesn't provide a mask then all fields are overwritten.", "format": "google-fieldmask", "location": "query", "type": "string" @@ -873,7 +873,7 @@ "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, @@ -921,7 +921,7 @@ "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, @@ -1032,12 +1032,12 @@ "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, "updateMask": { - "description": "Required. Field mask is used to specify the fields to be overwritten in the `Automation` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.", + "description": "Required. Field mask is used to specify the fields to be overwritten in the `Automation` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it's in the mask. If the user doesn't provide a mask then all fields are overwritten.", "format": "google-fieldmask", "location": "query", "type": "string" @@ -1113,7 +1113,7 @@ "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, @@ -1310,7 +1310,7 @@ "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, @@ -1721,7 +1721,7 @@ "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, @@ -1774,7 +1774,7 @@ "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, @@ -1916,12 +1916,12 @@ "type": "string" }, "requestId": { - "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, "updateMask": { - "description": "Required. Field mask is used to specify the fields to be overwritten in the Target resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.", + "description": "Required. Field mask is used to specify the fields to be overwritten in the Target resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it's in the mask. If the user doesn't provide a mask then all fields are overwritten.", "format": "google-fieldmask", "location": "query", "type": "string" @@ -2006,7 +2006,7 @@ } } }, - "revision": "20231130", + "revision": "20240107", "rootUrl": "https://clouddeploy.googleapis.com/", "schemas": { "AbandonReleaseRequest": { @@ -2569,7 +2569,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, @@ -2705,21 +2705,21 @@ "type": "boolean" }, "canaryRevisionTags": { - "description": "Optional. A list of tags that are added to the canary revision while the canary deployment is in progress.", + "description": "Optional. A list of tags that are added to the canary revision while the canary phase is in progress.", "items": { "type": "string" }, "type": "array" }, "priorRevisionTags": { - "description": "Optional. A list of tags that are added to the prior revision while the canary deployment is in progress.", + "description": "Optional. A list of tags that are added to the prior revision while the canary phase is in progress.", "items": { "type": "string" }, "type": "array" }, "stableRevisionTags": { - "description": "Optional. A list of tags that are added to the final stable revision after the canary deployment is completed.", + "description": "Optional. A list of tags that are added to the final stable revision when the stable phase is applied.", "items": { "type": "string" }, @@ -2841,14 +2841,14 @@ "type": "object" }, "CustomMetadata": { - "description": "CustomMetadata contains information from a user defined operation.", + "description": "CustomMetadata contains information from a user-defined operation.", "id": "CustomMetadata", "properties": { "values": { "additionalProperties": { "type": "string" }, - "description": "Output only. Key-value pairs provided by the user defined operation.", + "description": "Output only. Key-value pairs provided by the user-defined operation.", "readOnly": true, "type": "object" } @@ -2901,7 +2901,7 @@ "type": "object" }, "CustomTargetType": { - "description": "A `CustomTargetType` resource in the Cloud Deploy API. A `CustomTargetType` defines a type of custom target that can be referenced in a `Target` in order to facilitate deploying to a runtime that does not have a 1P integration with Cloud Deploy.", + "description": "A `CustomTargetType` resource in the Cloud Deploy API. A `CustomTargetType` defines a type of custom target that can be referenced in a `Target` in order to facilitate deploying to other systems besides the supported runtimes.", "id": "CustomTargetType", "properties": { "annotations": { @@ -3071,6 +3071,10 @@ "description": "Debug message for when a notification fails to send.", "type": "string" }, + "pipelineUid": { + "description": "Unique identifier of the `DeliveryPipeline`.", + "type": "string" + }, "type": { "description": "Type of this notification, e.g. for a Pub/Sub failure.", "enum": [ @@ -3195,7 +3199,7 @@ }, "custom": { "$ref": "CustomMetadata", - "description": "Output only. Custom metadata provided by user defined deploy operation.", + "description": "Output only. Custom metadata provided by user-defined deploy operation.", "readOnly": true }, "customTarget": { @@ -3358,6 +3362,11 @@ "service": { "description": "Required. Name of the Kubernetes Service.", "type": "string" + }, + "stableCutbackDuration": { + "description": "Optional. The amount of time to migrate traffic back from the canary Service to the original Service during the stable phase deployment. If specified, must be between 15s and 3600s. If unspecified, there is no cutback time.", + "format": "google-duration", + "type": "string" } }, "type": "object" @@ -3593,10 +3602,18 @@ "description": "Unique identifier of the `DeliveryPipeline`.", "type": "string" }, + "release": { + "description": "The name of the `Release`.", + "type": "string" + }, "releaseUid": { "description": "Unique identifier of the `Release`.", "type": "string" }, + "rollout": { + "description": "The name of the `Rollout`.", + "type": "string" + }, "rolloutUid": { "description": "Unique identifier of the `Rollout`.", "type": "string" @@ -3943,7 +3960,7 @@ }, "custom": { "$ref": "CustomMetadata", - "description": "Output only. Custom metadata provided by user defined `Rollout` operations.", + "description": "Output only. Custom metadata provided by user-defined `Rollout` operations.", "readOnly": true } }, @@ -4590,10 +4607,18 @@ "description": "Debug message for when a notification fails to send.", "type": "string" }, + "pipelineUid": { + "description": "Unique identifier of the `DeliveryPipeline`.", + "type": "string" + }, "release": { "description": "The name of the `Release`.", "type": "string" }, + "releaseUid": { + "description": "Unique identifier of the `Release`.", + "type": "string" + }, "type": { "description": "Type of this notification, e.g. for a Pub/Sub failure.", "enum": [ @@ -4650,8 +4675,12 @@ "description": "Debug message for when a render transition occurs. Provides further details as rendering progresses through render states.", "type": "string" }, + "pipelineUid": { + "description": "Unique identifier of the `DeliveryPipeline`.", + "type": "string" + }, "release": { - "description": "The name of the release.", + "description": "The name of the release. release_uid is not in this log message because we write some of these log messages at release creation time, before we've generated the uid.", "type": "string" }, "releaseRenderState": { @@ -4669,6 +4698,40 @@ "Rendering has started and is not complete." ], "type": "string" + }, + "type": { + "description": "Type of this notification, e.g. for a release render state change event.", + "enum": [ + "TYPE_UNSPECIFIED", + "TYPE_PUBSUB_NOTIFICATION_FAILURE", + "TYPE_RESOURCE_STATE_CHANGE", + "TYPE_PROCESS_ABORTED", + "TYPE_RESTRICTION_VIOLATED", + "TYPE_RESOURCE_DELETED", + "TYPE_ROLLOUT_UPDATE", + "TYPE_RENDER_STATUES_CHANGE" + ], + "enumDeprecated": [ + false, + false, + false, + false, + false, + false, + false, + true + ], + "enumDescriptions": [ + "Type is unspecified.", + "A Pub/Sub notification failed to be sent.", + "Resource state changed.", + "A process aborted.", + "Restriction check failed.", + "Resource deleted.", + "Rollout updated.", + "Deprecated: This field is never used. Use release_render log type instead." + ], + "type": "string" } }, "type": "object" @@ -4684,7 +4747,7 @@ }, "custom": { "$ref": "CustomMetadata", - "description": "Output only. Custom metadata provided by user defined render operation.", + "description": "Output only. Custom metadata provided by user-defined render operation.", "readOnly": true } }, @@ -5257,6 +5320,10 @@ "description": "Unique identifier of the `DeliveryPipeline`.", "type": "string" }, + "release": { + "description": "The name of the `Release`.", + "type": "string" + }, "releaseUid": { "description": "Unique identifier of the `Release`.", "type": "string" @@ -5265,6 +5332,10 @@ "description": "The name of the `Rollout`.", "type": "string" }, + "rolloutUid": { + "description": "Unique identifier of the `Rollout`.", + "type": "string" + }, "targetId": { "description": "ID of the `Target` that the rollout is deployed to.", "type": "string" @@ -5318,12 +5389,16 @@ "description": "Unique identifier of the pipeline.", "type": "string" }, + "release": { + "description": "The name of the `Release`.", + "type": "string" + }, "releaseUid": { "description": "Unique identifier of the release.", "type": "string" }, "rollout": { - "description": "The name of the rollout.", + "description": "The name of the rollout. rollout_uid is not in this log message because we write some of these log messages at rollout creation time, before we've generated the uid.", "type": "string" }, "rolloutUpdateType": { @@ -5799,7 +5874,7 @@ "type": "object" }, "TargetAttribute": { - "description": "Contains criteria for selecting Targets. Attributes provided must match the target resource in order for policy restrictions to apply. E.g. if id \"prod\" and labels \"foo: bar\" are given the target resource must match both that id and have that label in order to be selected.", + "description": "Contains criteria for selecting Targets.", "id": "TargetAttribute", "properties": { "id": { diff --git a/clouddeploy/v1/clouddeploy-gen.go b/clouddeploy/v1/clouddeploy-gen.go index 9e22f98002e..53362d50636 100644 --- a/clouddeploy/v1/clouddeploy-gen.go +++ b/clouddeploy/v1/clouddeploy-gen.go @@ -1116,11 +1116,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -1132,7 +1155,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. @@ -1352,15 +1380,15 @@ type CloudRunConfig struct { AutomaticTrafficControl bool `json:"automaticTrafficControl,omitempty"` // CanaryRevisionTags: Optional. A list of tags that are added to the - // canary revision while the canary deployment is in progress. + // canary revision while the canary phase is in progress. CanaryRevisionTags []string `json:"canaryRevisionTags,omitempty"` // PriorRevisionTags: Optional. A list of tags that are added to the - // prior revision while the canary deployment is in progress. + // prior revision while the canary phase is in progress. PriorRevisionTags []string `json:"priorRevisionTags,omitempty"` // StableRevisionTags: Optional. A list of tags that are added to the - // final stable revision after the canary deployment is completed. + // final stable revision when the stable phase is applied. StableRevisionTags []string `json:"stableRevisionTags,omitempty"` // ForceSendFields is a list of field names (e.g. @@ -1603,10 +1631,10 @@ func (s *CustomCanaryDeployment) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// CustomMetadata: CustomMetadata contains information from a user -// defined operation. +// CustomMetadata: CustomMetadata contains information from a +// user-defined operation. type CustomMetadata struct { - // Values: Output only. Key-value pairs provided by the user defined + // Values: Output only. Key-value pairs provided by the user-defined // operation. Values map[string]string `json:"values,omitempty"` @@ -1737,8 +1765,8 @@ func (s *CustomTargetSkaffoldActions) MarshalJSON() ([]byte, error) { // CustomTargetType: A `CustomTargetType` resource in the Cloud Deploy // API. A `CustomTargetType` defines a type of custom target that can be -// referenced in a `Target` in order to facilitate deploying to a -// runtime that does not have a 1P integration with Cloud Deploy. +// referenced in a `Target` in order to facilitate deploying to other +// systems besides the supported runtimes. type CustomTargetType struct { // Annotations: Optional. User annotations. These attributes can only be // set and used by the user, and not by Cloud Deploy. See @@ -1991,6 +2019,9 @@ type DeliveryPipelineNotificationEvent struct { // Message: Debug message for when a notification fails to send. Message string `json:"message,omitempty"` + // PipelineUid: Unique identifier of the `DeliveryPipeline`. + PipelineUid string `json:"pipelineUid,omitempty"` + // Type: Type of this notification, e.g. for a Pub/Sub failure. // // Possible values: @@ -2141,7 +2172,7 @@ type DeployJobRunMetadata struct { // associated with a `DeployJobRun`. CloudRun *CloudRunMetadata `json:"cloudRun,omitempty"` - // Custom: Output only. Custom metadata provided by user defined deploy + // Custom: Output only. Custom metadata provided by user-defined deploy // operation. Custom *CustomMetadata `json:"custom,omitempty"` @@ -2405,6 +2436,12 @@ type GatewayServiceMesh struct { // Service: Required. Name of the Kubernetes Service. Service string `json:"service,omitempty"` + // StableCutbackDuration: Optional. The amount of time to migrate + // traffic back from the canary Service to the original Service during + // the stable phase deployment. If specified, must be between 15s and + // 3600s. If unspecified, there is no cutback time. + StableCutbackDuration string `json:"stableCutbackDuration,omitempty"` + // ForceSendFields is a list of field names (e.g. "Deployment") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any @@ -2685,9 +2722,15 @@ type JobRunNotificationEvent struct { // PipelineUid: Unique identifier of the `DeliveryPipeline`. PipelineUid string `json:"pipelineUid,omitempty"` + // Release: The name of the `Release`. + Release string `json:"release,omitempty"` + // ReleaseUid: Unique identifier of the `Release`. ReleaseUid string `json:"releaseUid,omitempty"` + // Rollout: The name of the `Rollout`. + Rollout string `json:"rollout,omitempty"` + // RolloutUid: Unique identifier of the `Rollout`. RolloutUid string `json:"rolloutUid,omitempty"` @@ -3229,7 +3272,7 @@ type Metadata struct { // associated with a `Rollout`. CloudRun *CloudRunMetadata `json:"cloudRun,omitempty"` - // Custom: Output only. Custom metadata provided by user defined + // Custom: Output only. Custom metadata provided by user-defined // `Rollout` operations. Custom *CustomMetadata `json:"custom,omitempty"` @@ -4269,9 +4312,15 @@ type ReleaseNotificationEvent struct { // Message: Debug message for when a notification fails to send. Message string `json:"message,omitempty"` + // PipelineUid: Unique identifier of the `DeliveryPipeline`. + PipelineUid string `json:"pipelineUid,omitempty"` + // Release: The name of the `Release`. Release string `json:"release,omitempty"` + // ReleaseUid: Unique identifier of the `Release`. + ReleaseUid string `json:"releaseUid,omitempty"` + // Type: Type of this notification, e.g. for a Pub/Sub failure. // // Possible values: @@ -4351,7 +4400,12 @@ type ReleaseRenderEvent struct { // further details as rendering progresses through render states. Message string `json:"message,omitempty"` - // Release: The name of the release. + // PipelineUid: Unique identifier of the `DeliveryPipeline`. + PipelineUid string `json:"pipelineUid,omitempty"` + + // Release: The name of the release. release_uid is not in this log + // message because we write some of these log messages at release + // creation time, before we've generated the uid. Release string `json:"release,omitempty"` // ReleaseRenderState: The state of the release render. @@ -4364,6 +4418,22 @@ type ReleaseRenderEvent struct { // "IN_PROGRESS" - Rendering has started and is not complete. ReleaseRenderState string `json:"releaseRenderState,omitempty"` + // Type: Type of this notification, e.g. for a release render state + // change event. + // + // Possible values: + // "TYPE_UNSPECIFIED" - Type is unspecified. + // "TYPE_PUBSUB_NOTIFICATION_FAILURE" - A Pub/Sub notification failed + // to be sent. + // "TYPE_RESOURCE_STATE_CHANGE" - Resource state changed. + // "TYPE_PROCESS_ABORTED" - A process aborted. + // "TYPE_RESTRICTION_VIOLATED" - Restriction check failed. + // "TYPE_RESOURCE_DELETED" - Resource deleted. + // "TYPE_ROLLOUT_UPDATE" - Rollout updated. + // "TYPE_RENDER_STATUES_CHANGE" - Deprecated: This field is never + // used. Use release_render log type instead. + Type string `json:"type,omitempty"` + // ForceSendFields is a list of field names (e.g. "Message") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any @@ -4394,7 +4464,7 @@ type RenderMetadata struct { // Run. CloudRun *CloudRunRenderMetadata `json:"cloudRun,omitempty"` - // Custom: Output only. Custom metadata provided by user defined render + // Custom: Output only. Custom metadata provided by user-defined render // operation. Custom *CustomMetadata `json:"custom,omitempty"` @@ -5140,12 +5210,18 @@ type RolloutNotificationEvent struct { // PipelineUid: Unique identifier of the `DeliveryPipeline`. PipelineUid string `json:"pipelineUid,omitempty"` + // Release: The name of the `Release`. + Release string `json:"release,omitempty"` + // ReleaseUid: Unique identifier of the `Release`. ReleaseUid string `json:"releaseUid,omitempty"` // Rollout: The name of the `Rollout`. Rollout string `json:"rollout,omitempty"` + // RolloutUid: Unique identifier of the `Rollout`. + RolloutUid string `json:"rolloutUid,omitempty"` + // TargetId: ID of the `Target` that the rollout is deployed to. TargetId string `json:"targetId,omitempty"` @@ -5197,10 +5273,15 @@ type RolloutUpdateEvent struct { // PipelineUid: Unique identifier of the pipeline. PipelineUid string `json:"pipelineUid,omitempty"` + // Release: The name of the `Release`. + Release string `json:"release,omitempty"` + // ReleaseUid: Unique identifier of the release. ReleaseUid string `json:"releaseUid,omitempty"` - // Rollout: The name of the rollout. + // Rollout: The name of the rollout. rollout_uid is not in this log + // message because we write some of these log messages at rollout + // creation time, before we've generated the uid. Rollout string `json:"rollout,omitempty"` // RolloutUpdateType: The type of the rollout update. @@ -5908,11 +5989,7 @@ func (s *TargetArtifact) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// TargetAttribute: Contains criteria for selecting Targets. Attributes -// provided must match the target resource in order for policy -// restrictions to apply. E.g. if id "prod" and labels "foo: bar" are -// given the target resource must match both that id and have that label -// in order to be selected. +// TargetAttribute: Contains criteria for selecting Targets. type TargetAttribute struct { // Id: ID of the `Target`. The value of this field could be one of the // following: * The last segment of a target name. It only needs the ID @@ -6808,7 +6885,7 @@ type ProjectsLocationsCustomTargetTypesCreateCall struct { // location. // // - parent: The parent collection in which the `CustomTargetType` -// should be created in. Format should be +// should be created. Format should be // `projects/{project_id}/locations/{location_name}`. func (r *ProjectsLocationsCustomTargetTypesService) Create(parent string, customtargettype *CustomTargetType) *ProjectsLocationsCustomTargetTypesCreateCall { c := &ProjectsLocationsCustomTargetTypesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} @@ -6826,16 +6903,16 @@ func (c *ProjectsLocationsCustomTargetTypesCreateCall) CustomTargetTypeId(custom // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes since the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsCustomTargetTypesCreateCall) RequestId(requestId string) *ProjectsLocationsCustomTargetTypesCreateCall { c.urlParams_.Set("requestId", requestId) return c @@ -6954,14 +7031,14 @@ func (c *ProjectsLocationsCustomTargetTypesCreateCall) Do(opts ...googleapi.Call // "type": "string" // }, // "parent": { - // "description": "Required. The parent collection in which the `CustomTargetType` should be created in. Format should be `projects/{project_id}/locations/{location_name}`.", + // "description": "Required. The parent collection in which the `CustomTargetType` should be created. Format should be `projects/{project_id}/locations/{location_name}`.", // "location": "path", // "pattern": "^projects/[^/]+/locations/[^/]+$", // "required": true, // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, @@ -7025,16 +7102,16 @@ func (c *ProjectsLocationsCustomTargetTypesDeleteCall) Etag(etag string) *Projec // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes after the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsCustomTargetTypesDeleteCall) RequestId(requestId string) *ProjectsLocationsCustomTargetTypesDeleteCall { c.urlParams_.Set("requestId", requestId) return c @@ -7159,7 +7236,7 @@ func (c *ProjectsLocationsCustomTargetTypesDeleteCall) Do(opts ...googleapi.Call // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, @@ -7585,16 +7662,16 @@ func (c *ProjectsLocationsCustomTargetTypesPatchCall) AllowMissing(allowMissing // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes since the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsCustomTargetTypesPatchCall) RequestId(requestId string) *ProjectsLocationsCustomTargetTypesPatchCall { c.urlParams_.Set("requestId", requestId) return c @@ -7604,8 +7681,8 @@ func (c *ProjectsLocationsCustomTargetTypesPatchCall) RequestId(requestId string // mask is used to specify the fields to be overwritten in the // `CustomTargetType` resource by the update. The fields specified in // the update_mask are relative to the resource, not the full request. A -// field will be overwritten if it is in the mask. If the user does not -// provide a mask then all fields will be overwritten. +// field will be overwritten if it's in the mask. If the user doesn't +// provide a mask then all fields are overwritten. func (c *ProjectsLocationsCustomTargetTypesPatchCall) UpdateMask(updateMask string) *ProjectsLocationsCustomTargetTypesPatchCall { c.urlParams_.Set("updateMask", updateMask) return c @@ -7731,12 +7808,12 @@ func (c *ProjectsLocationsCustomTargetTypesPatchCall) Do(opts ...googleapi.CallO // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, // "updateMask": { - // "description": "Required. Field mask is used to specify the fields to be overwritten in the `CustomTargetType` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.", + // "description": "Required. Field mask is used to specify the fields to be overwritten in the `CustomTargetType` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it's in the mask. If the user doesn't provide a mask then all fields are overwritten.", // "format": "google-fieldmask", // "location": "query", // "type": "string" @@ -7794,16 +7871,16 @@ func (c *ProjectsLocationsDeliveryPipelinesCreateCall) DeliveryPipelineId(delive // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes since the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsDeliveryPipelinesCreateCall) RequestId(requestId string) *ProjectsLocationsDeliveryPipelinesCreateCall { c.urlParams_.Set("requestId", requestId) return c @@ -7929,7 +8006,7 @@ func (c *ProjectsLocationsDeliveryPipelinesCreateCall) Do(opts ...googleapi.Call // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, @@ -8002,16 +8079,16 @@ func (c *ProjectsLocationsDeliveryPipelinesDeleteCall) Force(force bool) *Projec // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes after the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsDeliveryPipelinesDeleteCall) RequestId(requestId string) *ProjectsLocationsDeliveryPipelinesDeleteCall { c.urlParams_.Set("requestId", requestId) return c @@ -8142,7 +8219,7 @@ func (c *ProjectsLocationsDeliveryPipelinesDeleteCall) Do(opts ...googleapi.Call // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, @@ -8740,16 +8817,16 @@ func (c *ProjectsLocationsDeliveryPipelinesPatchCall) AllowMissing(allowMissing // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes since the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsDeliveryPipelinesPatchCall) RequestId(requestId string) *ProjectsLocationsDeliveryPipelinesPatchCall { c.urlParams_.Set("requestId", requestId) return c @@ -8759,8 +8836,8 @@ func (c *ProjectsLocationsDeliveryPipelinesPatchCall) RequestId(requestId string // mask is used to specify the fields to be overwritten in the // `DeliveryPipeline` resource by the update. The fields specified in // the update_mask are relative to the resource, not the full request. A -// field will be overwritten if it is in the mask. If the user does not -// provide a mask then all fields will be overwritten. +// field will be overwritten if it's in the mask. If the user doesn't +// provide a mask then all fields are overwritten. func (c *ProjectsLocationsDeliveryPipelinesPatchCall) UpdateMask(updateMask string) *ProjectsLocationsDeliveryPipelinesPatchCall { c.urlParams_.Set("updateMask", updateMask) return c @@ -8886,12 +8963,12 @@ func (c *ProjectsLocationsDeliveryPipelinesPatchCall) Do(opts ...googleapi.CallO // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, // "updateMask": { - // "description": "Required. Field mask is used to specify the fields to be overwritten in the `DeliveryPipeline` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.", + // "description": "Required. Field mask is used to specify the fields to be overwritten in the `DeliveryPipeline` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it's in the mask. If the user doesn't provide a mask then all fields are overwritten.", // "format": "google-fieldmask", // "location": "query", // "type": "string" @@ -9910,16 +9987,16 @@ func (c *ProjectsLocationsDeliveryPipelinesAutomationsCreateCall) AutomationId(a // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes since the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsDeliveryPipelinesAutomationsCreateCall) RequestId(requestId string) *ProjectsLocationsDeliveryPipelinesAutomationsCreateCall { c.urlParams_.Set("requestId", requestId) return c @@ -10045,7 +10122,7 @@ func (c *ProjectsLocationsDeliveryPipelinesAutomationsCreateCall) Do(opts ...goo // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, @@ -10109,16 +10186,16 @@ func (c *ProjectsLocationsDeliveryPipelinesAutomationsDeleteCall) Etag(etag stri // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes after the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsDeliveryPipelinesAutomationsDeleteCall) RequestId(requestId string) *ProjectsLocationsDeliveryPipelinesAutomationsDeleteCall { c.urlParams_.Set("requestId", requestId) return c @@ -10244,7 +10321,7 @@ func (c *ProjectsLocationsDeliveryPipelinesAutomationsDeleteCall) Do(opts ...goo // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, @@ -10668,16 +10745,16 @@ func (c *ProjectsLocationsDeliveryPipelinesAutomationsPatchCall) AllowMissing(al // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes since the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsDeliveryPipelinesAutomationsPatchCall) RequestId(requestId string) *ProjectsLocationsDeliveryPipelinesAutomationsPatchCall { c.urlParams_.Set("requestId", requestId) return c @@ -10687,8 +10764,8 @@ func (c *ProjectsLocationsDeliveryPipelinesAutomationsPatchCall) RequestId(reque // mask is used to specify the fields to be overwritten in the // `Automation` resource by the update. The fields specified in the // update_mask are relative to the resource, not the full request. A -// field will be overwritten if it is in the mask. If the user does not -// provide a mask then all fields will be overwritten. +// field will be overwritten if it's in the mask. If the user doesn't +// provide a mask then all fields are overwritten. func (c *ProjectsLocationsDeliveryPipelinesAutomationsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsDeliveryPipelinesAutomationsPatchCall { c.urlParams_.Set("updateMask", updateMask) return c @@ -10814,12 +10891,12 @@ func (c *ProjectsLocationsDeliveryPipelinesAutomationsPatchCall) Do(opts ...goog // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, // "updateMask": { - // "description": "Required. Field mask is used to specify the fields to be overwritten in the `Automation` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.", + // "description": "Required. Field mask is used to specify the fields to be overwritten in the `Automation` resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it's in the mask. If the user doesn't provide a mask then all fields are overwritten.", // "format": "google-fieldmask", // "location": "query", // "type": "string" @@ -11021,16 +11098,16 @@ func (c *ProjectsLocationsDeliveryPipelinesReleasesCreateCall) ReleaseId(release // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes since the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsDeliveryPipelinesReleasesCreateCall) RequestId(requestId string) *ProjectsLocationsDeliveryPipelinesReleasesCreateCall { c.urlParams_.Set("requestId", requestId) return c @@ -11156,7 +11233,7 @@ func (c *ProjectsLocationsDeliveryPipelinesReleasesCreateCall) Do(opts ...google // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, @@ -12008,16 +12085,16 @@ func (r *ProjectsLocationsDeliveryPipelinesReleasesRolloutsService) Create(paren // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes since the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsDeliveryPipelinesReleasesRolloutsCreateCall) RequestId(requestId string) *ProjectsLocationsDeliveryPipelinesReleasesRolloutsCreateCall { c.urlParams_.Set("requestId", requestId) return c @@ -12153,7 +12230,7 @@ func (c *ProjectsLocationsDeliveryPipelinesReleasesRolloutsCreateCall) Do(opts . // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, @@ -14024,16 +14101,16 @@ func (r *ProjectsLocationsTargetsService) Create(parent string, target *Target) // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes since the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsTargetsCreateCall) RequestId(requestId string) *ProjectsLocationsTargetsCreateCall { c.urlParams_.Set("requestId", requestId) return c @@ -14161,7 +14238,7 @@ func (c *ProjectsLocationsTargetsCreateCall) Do(opts ...googleapi.CallOption) (* // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, @@ -14230,16 +14307,16 @@ func (c *ProjectsLocationsTargetsDeleteCall) Etag(etag string) *ProjectsLocation // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes after the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsTargetsDeleteCall) RequestId(requestId string) *ProjectsLocationsTargetsDeleteCall { c.urlParams_.Set("requestId", requestId) return c @@ -14365,7 +14442,7 @@ func (c *ProjectsLocationsTargetsDeleteCall) Do(opts ...googleapi.CallOption) (* // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, @@ -14962,16 +15039,16 @@ func (c *ProjectsLocationsTargetsPatchCall) AllowMissing(allowMissing bool) *Pro // RequestId sets the optional parameter "requestId": A request ID to // identify requests. Specify a unique request ID so that if you must -// retry your request, the server will know to ignore the request if it -// has already been completed. The server will guarantee that for at -// least 60 minutes since the first request. For example, consider a -// situation where you make an initial request and the request times -// out. If you make the request again with the same request ID, the -// server can check if original operation with the same request ID was -// received, and if so, will ignore the second request. This prevents -// clients from accidentally creating duplicate commitments. The request -// ID must be a valid UUID with the exception that zero UUID is not -// supported (00000000-0000-0000-0000-000000000000). +// retry your request, the server knows to ignore the request if it has +// already been completed. The server guarantees that for at least 60 +// minutes after the first request. For example, consider a situation +// where you make an initial request and the request times out. If you +// make the request again with the same request ID, the server can check +// if original operation with the same request ID was received, and if +// so, will ignore the second request. This prevents clients from +// accidentally creating duplicate commitments. The request ID must be a +// valid UUID with the exception that zero UUID is not supported +// (00000000-0000-0000-0000-000000000000). func (c *ProjectsLocationsTargetsPatchCall) RequestId(requestId string) *ProjectsLocationsTargetsPatchCall { c.urlParams_.Set("requestId", requestId) return c @@ -14981,8 +15058,8 @@ func (c *ProjectsLocationsTargetsPatchCall) RequestId(requestId string) *Project // mask is used to specify the fields to be overwritten in the Target // resource by the update. The fields specified in the update_mask are // relative to the resource, not the full request. A field will be -// overwritten if it is in the mask. If the user does not provide a mask -// then all fields will be overwritten. +// overwritten if it's in the mask. If the user doesn't provide a mask +// then all fields are overwritten. func (c *ProjectsLocationsTargetsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsTargetsPatchCall { c.urlParams_.Set("updateMask", updateMask) return c @@ -15108,12 +15185,12 @@ func (c *ProjectsLocationsTargetsPatchCall) Do(opts ...googleapi.CallOption) (*O // "type": "string" // }, // "requestId": { - // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "Optional. A request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server knows to ignore the request if it has already been completed. The server guarantees that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, // "updateMask": { - // "description": "Required. Field mask is used to specify the fields to be overwritten in the Target resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields will be overwritten.", + // "description": "Required. Field mask is used to specify the fields to be overwritten in the Target resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it's in the mask. If the user doesn't provide a mask then all fields are overwritten.", // "format": "google-fieldmask", // "location": "query", // "type": "string" diff --git a/cloudfunctions/v1/cloudfunctions-api.json b/cloudfunctions/v1/cloudfunctions-api.json index 1079d05be00..be160acc78c 100644 --- a/cloudfunctions/v1/cloudfunctions-api.json +++ b/cloudfunctions/v1/cloudfunctions-api.json @@ -552,7 +552,7 @@ } } }, - "revision": "20231207", + "revision": "20240104", "rootUrl": "https://cloudfunctions.googleapis.com/", "schemas": { "AuditConfig": { @@ -618,7 +618,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/cloudfunctions/v1/cloudfunctions-gen.go b/cloudfunctions/v1/cloudfunctions-gen.go index 1de8de27218..ab3870c333c 100644 --- a/cloudfunctions/v1/cloudfunctions-gen.go +++ b/cloudfunctions/v1/cloudfunctions-gen.go @@ -334,11 +334,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -350,7 +373,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/cloudfunctions/v2/cloudfunctions-api.json b/cloudfunctions/v2/cloudfunctions-api.json index 3f8b50f72f1..d65740b9c81 100644 --- a/cloudfunctions/v2/cloudfunctions-api.json +++ b/cloudfunctions/v2/cloudfunctions-api.json @@ -571,7 +571,7 @@ } } }, - "revision": "20231207", + "revision": "20240104", "rootUrl": "https://cloudfunctions.googleapis.com/", "schemas": { "AuditConfig": { @@ -622,6 +622,12 @@ }, "type": "object" }, + "AutomaticUpdatePolicy": { + "description": "Security patches are applied automatically to the runtime without requiring the function to be redeployed.", + "id": "AutomaticUpdatePolicy", + "properties": {}, + "type": "object" + }, "Binding": { "description": "Associates `members`, or principals, with a `role`.", "id": "Binding", @@ -631,7 +637,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, @@ -648,6 +654,10 @@ "description": "Describes the Build step of the function that builds a container from the given source.", "id": "BuildConfig", "properties": { + "automaticUpdatePolicy": { + "$ref": "AutomaticUpdatePolicy", + "description": "See the comment next to this message for more details." + }, "build": { "description": "Output only. The Cloud Build name of the latest successful deployment of the function.", "readOnly": true, @@ -668,7 +678,7 @@ "type": "string" }, "dockerRepository": { - "description": "User managed repository created in Artifact Registry optionally with a customer managed encryption key. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'.", + "description": "Repository in Artifact Registry to which the function docker image will be pushed after it is built by Cloud Build. If specified by user, it is created and managed by user with a customer managed encryption key. Otherwise, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'.", "type": "string" }, "entryPoint": { @@ -682,10 +692,18 @@ "description": "User-provided build-time environment variables for the function", "type": "object" }, + "onDeployUpdatePolicy": { + "$ref": "OnDeployUpdatePolicy", + "description": "See the comment next to this message for more details." + }, "runtime": { "description": "The runtime in which to run the function. Required when deploying a new function, optional when updating an existing function. For a complete list of possible choices, see the [`gcloud` command reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime).", "type": "string" }, + "serviceAccount": { + "description": "[Preview] Service account to be used for building the container", + "type": "string" + }, "source": { "$ref": "Source", "description": "The location of the function source code." @@ -945,6 +963,20 @@ "description": "Request of `GenerateSourceUploadUrl` method.", "id": "GenerateUploadUrlRequest", "properties": { + "environment": { + "description": "The function environment the generated upload url will be used for. The upload url for 2nd Gen functions can also be used for 1st gen functions, but not vice versa. If not specified, 2nd generation-style upload URLs are generated.", + "enum": [ + "ENVIRONMENT_UNSPECIFIED", + "GEN_1", + "GEN_2" + ], + "enumDescriptions": [ + "Unspecified", + "Gen 1", + "Gen 2" + ], + "type": "string" + }, "kmsKeyName": { "description": "[Preview] Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function source code objects in intermediate Cloud Storage buckets. When you generate an upload url and upload your source code, it gets copied to an intermediate Cloud Storage bucket. The source code is then copied to a versioned directory in the sources bucket in the consumer project during the function deployment. It must match the pattern `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. The Google Cloud Functions service account (service-{project_number}@gcf-admin-robot.iam.gserviceaccount.com) must be granted the role 'Cloud KMS CryptoKey Encrypter/Decrypter (roles/cloudkms.cryptoKeyEncrypterDecrypter)' on the Key/KeyRing/Project/Organization (least access preferred).", "type": "string" @@ -1679,6 +1711,18 @@ }, "type": "object" }, + "OnDeployUpdatePolicy": { + "description": "Security patches are only applied when a function is redeployed.", + "id": "OnDeployUpdatePolicy", + "properties": { + "runtimeVersion": { + "description": "Output only. contains the runtime version which was used during latest function deployment.", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, "Operation": { "description": "This resource represents a long-running operation that is the result of a network API call.", "id": "Operation", diff --git a/cloudfunctions/v2/cloudfunctions-gen.go b/cloudfunctions/v2/cloudfunctions-gen.go index a1dd9e0b7cd..9c0e20f831b 100644 --- a/cloudfunctions/v2/cloudfunctions-gen.go +++ b/cloudfunctions/v2/cloudfunctions-gen.go @@ -309,6 +309,11 @@ func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// AutomaticUpdatePolicy: Security patches are applied automatically to +// the runtime without requiring the function to be redeployed. +type AutomaticUpdatePolicy struct { +} + // Binding: Associates `members`, or principals, with a `role`. type Binding struct { // Condition: The condition that is associated with this binding. If the @@ -341,11 +346,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -357,7 +385,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. @@ -390,6 +423,10 @@ func (s *Binding) MarshalJSON() ([]byte, error) { // BuildConfig: Describes the Build step of the function that builds a // container from the given source. type BuildConfig struct { + // AutomaticUpdatePolicy: See the comment next to this message for more + // details. + AutomaticUpdatePolicy *AutomaticUpdatePolicy `json:"automaticUpdatePolicy,omitempty"` + // Build: Output only. The Cloud Build name of the latest successful // deployment of the function. Build string `json:"build,omitempty"` @@ -413,12 +450,12 @@ type BuildConfig struct { // by the user using the `docker_repository` field. DockerRegistry string `json:"dockerRegistry,omitempty"` - // DockerRepository: User managed repository created in Artifact - // Registry optionally with a customer managed encryption key. This is - // the repository to which the function docker image will be pushed - // after it is built by Cloud Build. If unspecified, GCF will create and - // use a repository named 'gcf-artifacts' for every deployed region. It - // must match the pattern + // DockerRepository: Repository in Artifact Registry to which the + // function docker image will be pushed after it is built by Cloud + // Build. If specified by user, it is created and managed by user with a + // customer managed encryption key. Otherwise, GCF will create and use a + // repository named 'gcf-artifacts' for every deployed region. It must + // match the pattern // `projects/{project}/locations/{location}/repositories/{repository}`. // Cross-project repositories are not supported. Cross-location // repositories are not supported. Repository format must be 'DOCKER'. @@ -436,6 +473,10 @@ type BuildConfig struct { // for the function EnvironmentVariables map[string]string `json:"environmentVariables,omitempty"` + // OnDeployUpdatePolicy: See the comment next to this message for more + // details. + OnDeployUpdatePolicy *OnDeployUpdatePolicy `json:"onDeployUpdatePolicy,omitempty"` + // Runtime: The runtime in which to run the function. Required when // deploying a new function, optional when updating an existing // function. For a complete list of possible choices, see the `gcloud` @@ -443,6 +484,10 @@ type BuildConfig struct { // (https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime). Runtime string `json:"runtime,omitempty"` + // ServiceAccount: [Preview] Service account to be used for building the + // container + ServiceAccount string `json:"serviceAccount,omitempty"` + // Source: The location of the function source code. Source *Source `json:"source,omitempty"` @@ -466,20 +511,22 @@ type BuildConfig struct { // (roles/cloudbuild.customworkers.builder) in the project. WorkerPool string `json:"workerPool,omitempty"` - // ForceSendFields is a list of field names (e.g. "Build") to - // unconditionally include in API requests. By default, fields with - // empty or default values are omitted from API requests. However, any - // non-pointer, non-interface field appearing in ForceSendFields will be - // sent to the server regardless of whether the field is empty or not. - // This may be used to include empty fields in Patch requests. + // ForceSendFields is a list of field names (e.g. + // "AutomaticUpdatePolicy") to unconditionally include in API requests. + // By default, fields with empty or default values are omitted from API + // requests. However, any non-pointer, non-interface field appearing in + // ForceSendFields will be sent to the server regardless of whether the + // field is empty or not. This may be used to include empty fields in + // Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "Build") to include in API - // requests with the JSON null value. By default, fields with empty - // values are omitted from API requests. However, any field with an - // empty value appearing in NullFields will be sent to the server as - // null. It is an error if a field in this list has a non-empty value. - // This may be used to include null fields in Patch requests. + // NullFields is a list of field names (e.g. "AutomaticUpdatePolicy") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. NullFields []string `json:"-"` } @@ -857,6 +904,17 @@ func (s *GenerateDownloadUrlResponse) MarshalJSON() ([]byte, error) { // GenerateUploadUrlRequest: Request of `GenerateSourceUploadUrl` // method. type GenerateUploadUrlRequest struct { + // Environment: The function environment the generated upload url will + // be used for. The upload url for 2nd Gen functions can also be used + // for 1st gen functions, but not vice versa. If not specified, 2nd + // generation-style upload URLs are generated. + // + // Possible values: + // "ENVIRONMENT_UNSPECIFIED" - Unspecified + // "GEN_1" - Gen 1 + // "GEN_2" - Gen 2 + Environment string `json:"environment,omitempty"` + // KmsKeyName: [Preview] Resource name of a KMS crypto key (managed by // the user) used to encrypt/decrypt function source code objects in // intermediate Cloud Storage buckets. When you generate an upload url @@ -872,7 +930,7 @@ type GenerateUploadUrlRequest struct { // Key/KeyRing/Project/Organization (least access preferred). KmsKeyName string `json:"kmsKeyName,omitempty"` - // ForceSendFields is a list of field names (e.g. "KmsKeyName") to + // ForceSendFields is a list of field names (e.g. "Environment") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be @@ -880,10 +938,10 @@ type GenerateUploadUrlRequest struct { // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "KmsKeyName") to include in - // API requests with the JSON null value. By default, fields with empty - // values are omitted from API requests. However, any field with an - // empty value appearing in NullFields will be sent to the server as + // NullFields is a list of field names (e.g. "Environment") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` @@ -1759,6 +1817,37 @@ func (s *Location) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// OnDeployUpdatePolicy: Security patches are only applied when a +// function is redeployed. +type OnDeployUpdatePolicy struct { + // RuntimeVersion: Output only. contains the runtime version which was + // used during latest function deployment. + RuntimeVersion string `json:"runtimeVersion,omitempty"` + + // ForceSendFields is a list of field names (e.g. "RuntimeVersion") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "RuntimeVersion") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *OnDeployUpdatePolicy) MarshalJSON() ([]byte, error) { + type NoMethod OnDeployUpdatePolicy + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // Operation: This resource represents a long-running operation that is // the result of a network API call. type Operation struct { diff --git a/cloudfunctions/v2alpha/cloudfunctions-api.json b/cloudfunctions/v2alpha/cloudfunctions-api.json index d307f63e9aa..9a6a38cd4d6 100644 --- a/cloudfunctions/v2alpha/cloudfunctions-api.json +++ b/cloudfunctions/v2alpha/cloudfunctions-api.json @@ -571,7 +571,7 @@ } } }, - "revision": "20231207", + "revision": "20240104", "rootUrl": "https://cloudfunctions.googleapis.com/", "schemas": { "AuditConfig": { @@ -622,6 +622,12 @@ }, "type": "object" }, + "AutomaticUpdatePolicy": { + "description": "Security patches are applied automatically to the runtime without requiring the function to be redeployed.", + "id": "AutomaticUpdatePolicy", + "properties": {}, + "type": "object" + }, "Binding": { "description": "Associates `members`, or principals, with a `role`.", "id": "Binding", @@ -631,7 +637,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, @@ -648,6 +654,10 @@ "description": "Describes the Build step of the function that builds a container from the given source.", "id": "BuildConfig", "properties": { + "automaticUpdatePolicy": { + "$ref": "AutomaticUpdatePolicy", + "description": "See the comment next to this message for more details." + }, "build": { "description": "Output only. The Cloud Build name of the latest successful deployment of the function.", "readOnly": true, @@ -668,7 +678,7 @@ "type": "string" }, "dockerRepository": { - "description": "User managed repository created in Artifact Registry optionally with a customer managed encryption key. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'.", + "description": "Repository in Artifact Registry to which the function docker image will be pushed after it is built by Cloud Build. If specified by user, it is created and managed by user with a customer managed encryption key. Otherwise, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'.", "type": "string" }, "entryPoint": { @@ -682,10 +692,18 @@ "description": "User-provided build-time environment variables for the function", "type": "object" }, + "onDeployUpdatePolicy": { + "$ref": "OnDeployUpdatePolicy", + "description": "See the comment next to this message for more details." + }, "runtime": { "description": "The runtime in which to run the function. Required when deploying a new function, optional when updating an existing function. For a complete list of possible choices, see the [`gcloud` command reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime).", "type": "string" }, + "serviceAccount": { + "description": "[Preview] Service account to be used for building the container", + "type": "string" + }, "source": { "$ref": "Source", "description": "The location of the function source code." @@ -945,6 +963,20 @@ "description": "Request of `GenerateSourceUploadUrl` method.", "id": "GenerateUploadUrlRequest", "properties": { + "environment": { + "description": "The function environment the generated upload url will be used for. The upload url for 2nd Gen functions can also be used for 1st gen functions, but not vice versa. If not specified, 2nd generation-style upload URLs are generated.", + "enum": [ + "ENVIRONMENT_UNSPECIFIED", + "GEN_1", + "GEN_2" + ], + "enumDescriptions": [ + "Unspecified", + "Gen 1", + "Gen 2" + ], + "type": "string" + }, "kmsKeyName": { "description": "[Preview] Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function source code objects in intermediate Cloud Storage buckets. When you generate an upload url and upload your source code, it gets copied to an intermediate Cloud Storage bucket. The source code is then copied to a versioned directory in the sources bucket in the consumer project during the function deployment. It must match the pattern `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. The Google Cloud Functions service account (service-{project_number}@gcf-admin-robot.iam.gserviceaccount.com) must be granted the role 'Cloud KMS CryptoKey Encrypter/Decrypter (roles/cloudkms.cryptoKeyEncrypterDecrypter)' on the Key/KeyRing/Project/Organization (least access preferred).", "type": "string" @@ -1679,6 +1711,18 @@ }, "type": "object" }, + "OnDeployUpdatePolicy": { + "description": "Security patches are only applied when a function is redeployed.", + "id": "OnDeployUpdatePolicy", + "properties": { + "runtimeVersion": { + "description": "Output only. contains the runtime version which was used during latest function deployment.", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, "Operation": { "description": "This resource represents a long-running operation that is the result of a network API call.", "id": "Operation", diff --git a/cloudfunctions/v2alpha/cloudfunctions-gen.go b/cloudfunctions/v2alpha/cloudfunctions-gen.go index 4354482d13f..2b0354c2696 100644 --- a/cloudfunctions/v2alpha/cloudfunctions-gen.go +++ b/cloudfunctions/v2alpha/cloudfunctions-gen.go @@ -309,6 +309,11 @@ func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// AutomaticUpdatePolicy: Security patches are applied automatically to +// the runtime without requiring the function to be redeployed. +type AutomaticUpdatePolicy struct { +} + // Binding: Associates `members`, or principals, with a `role`. type Binding struct { // Condition: The condition that is associated with this binding. If the @@ -341,11 +346,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -357,7 +385,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. @@ -390,6 +423,10 @@ func (s *Binding) MarshalJSON() ([]byte, error) { // BuildConfig: Describes the Build step of the function that builds a // container from the given source. type BuildConfig struct { + // AutomaticUpdatePolicy: See the comment next to this message for more + // details. + AutomaticUpdatePolicy *AutomaticUpdatePolicy `json:"automaticUpdatePolicy,omitempty"` + // Build: Output only. The Cloud Build name of the latest successful // deployment of the function. Build string `json:"build,omitempty"` @@ -413,12 +450,12 @@ type BuildConfig struct { // by the user using the `docker_repository` field. DockerRegistry string `json:"dockerRegistry,omitempty"` - // DockerRepository: User managed repository created in Artifact - // Registry optionally with a customer managed encryption key. This is - // the repository to which the function docker image will be pushed - // after it is built by Cloud Build. If unspecified, GCF will create and - // use a repository named 'gcf-artifacts' for every deployed region. It - // must match the pattern + // DockerRepository: Repository in Artifact Registry to which the + // function docker image will be pushed after it is built by Cloud + // Build. If specified by user, it is created and managed by user with a + // customer managed encryption key. Otherwise, GCF will create and use a + // repository named 'gcf-artifacts' for every deployed region. It must + // match the pattern // `projects/{project}/locations/{location}/repositories/{repository}`. // Cross-project repositories are not supported. Cross-location // repositories are not supported. Repository format must be 'DOCKER'. @@ -436,6 +473,10 @@ type BuildConfig struct { // for the function EnvironmentVariables map[string]string `json:"environmentVariables,omitempty"` + // OnDeployUpdatePolicy: See the comment next to this message for more + // details. + OnDeployUpdatePolicy *OnDeployUpdatePolicy `json:"onDeployUpdatePolicy,omitempty"` + // Runtime: The runtime in which to run the function. Required when // deploying a new function, optional when updating an existing // function. For a complete list of possible choices, see the `gcloud` @@ -443,6 +484,10 @@ type BuildConfig struct { // (https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime). Runtime string `json:"runtime,omitempty"` + // ServiceAccount: [Preview] Service account to be used for building the + // container + ServiceAccount string `json:"serviceAccount,omitempty"` + // Source: The location of the function source code. Source *Source `json:"source,omitempty"` @@ -466,20 +511,22 @@ type BuildConfig struct { // (roles/cloudbuild.customworkers.builder) in the project. WorkerPool string `json:"workerPool,omitempty"` - // ForceSendFields is a list of field names (e.g. "Build") to - // unconditionally include in API requests. By default, fields with - // empty or default values are omitted from API requests. However, any - // non-pointer, non-interface field appearing in ForceSendFields will be - // sent to the server regardless of whether the field is empty or not. - // This may be used to include empty fields in Patch requests. + // ForceSendFields is a list of field names (e.g. + // "AutomaticUpdatePolicy") to unconditionally include in API requests. + // By default, fields with empty or default values are omitted from API + // requests. However, any non-pointer, non-interface field appearing in + // ForceSendFields will be sent to the server regardless of whether the + // field is empty or not. This may be used to include empty fields in + // Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "Build") to include in API - // requests with the JSON null value. By default, fields with empty - // values are omitted from API requests. However, any field with an - // empty value appearing in NullFields will be sent to the server as - // null. It is an error if a field in this list has a non-empty value. - // This may be used to include null fields in Patch requests. + // NullFields is a list of field names (e.g. "AutomaticUpdatePolicy") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. NullFields []string `json:"-"` } @@ -857,6 +904,17 @@ func (s *GenerateDownloadUrlResponse) MarshalJSON() ([]byte, error) { // GenerateUploadUrlRequest: Request of `GenerateSourceUploadUrl` // method. type GenerateUploadUrlRequest struct { + // Environment: The function environment the generated upload url will + // be used for. The upload url for 2nd Gen functions can also be used + // for 1st gen functions, but not vice versa. If not specified, 2nd + // generation-style upload URLs are generated. + // + // Possible values: + // "ENVIRONMENT_UNSPECIFIED" - Unspecified + // "GEN_1" - Gen 1 + // "GEN_2" - Gen 2 + Environment string `json:"environment,omitempty"` + // KmsKeyName: [Preview] Resource name of a KMS crypto key (managed by // the user) used to encrypt/decrypt function source code objects in // intermediate Cloud Storage buckets. When you generate an upload url @@ -872,7 +930,7 @@ type GenerateUploadUrlRequest struct { // Key/KeyRing/Project/Organization (least access preferred). KmsKeyName string `json:"kmsKeyName,omitempty"` - // ForceSendFields is a list of field names (e.g. "KmsKeyName") to + // ForceSendFields is a list of field names (e.g. "Environment") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be @@ -880,10 +938,10 @@ type GenerateUploadUrlRequest struct { // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "KmsKeyName") to include in - // API requests with the JSON null value. By default, fields with empty - // values are omitted from API requests. However, any field with an - // empty value appearing in NullFields will be sent to the server as + // NullFields is a list of field names (e.g. "Environment") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` @@ -1759,6 +1817,37 @@ func (s *Location) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// OnDeployUpdatePolicy: Security patches are only applied when a +// function is redeployed. +type OnDeployUpdatePolicy struct { + // RuntimeVersion: Output only. contains the runtime version which was + // used during latest function deployment. + RuntimeVersion string `json:"runtimeVersion,omitempty"` + + // ForceSendFields is a list of field names (e.g. "RuntimeVersion") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "RuntimeVersion") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *OnDeployUpdatePolicy) MarshalJSON() ([]byte, error) { + type NoMethod OnDeployUpdatePolicy + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // Operation: This resource represents a long-running operation that is // the result of a network API call. type Operation struct { diff --git a/cloudfunctions/v2beta/cloudfunctions-api.json b/cloudfunctions/v2beta/cloudfunctions-api.json index 52e5996966e..7041d569d8f 100644 --- a/cloudfunctions/v2beta/cloudfunctions-api.json +++ b/cloudfunctions/v2beta/cloudfunctions-api.json @@ -571,7 +571,7 @@ } } }, - "revision": "20231207", + "revision": "20240104", "rootUrl": "https://cloudfunctions.googleapis.com/", "schemas": { "AuditConfig": { @@ -622,6 +622,12 @@ }, "type": "object" }, + "AutomaticUpdatePolicy": { + "description": "Security patches are applied automatically to the runtime without requiring the function to be redeployed.", + "id": "AutomaticUpdatePolicy", + "properties": {}, + "type": "object" + }, "Binding": { "description": "Associates `members`, or principals, with a `role`.", "id": "Binding", @@ -631,7 +637,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, @@ -648,6 +654,10 @@ "description": "Describes the Build step of the function that builds a container from the given source.", "id": "BuildConfig", "properties": { + "automaticUpdatePolicy": { + "$ref": "AutomaticUpdatePolicy", + "description": "See the comment next to this message for more details." + }, "build": { "description": "Output only. The Cloud Build name of the latest successful deployment of the function.", "readOnly": true, @@ -668,7 +678,7 @@ "type": "string" }, "dockerRepository": { - "description": "User managed repository created in Artifact Registry optionally with a customer managed encryption key. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'.", + "description": "Repository in Artifact Registry to which the function docker image will be pushed after it is built by Cloud Build. If specified by user, it is created and managed by user with a customer managed encryption key. Otherwise, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'.", "type": "string" }, "entryPoint": { @@ -682,10 +692,18 @@ "description": "User-provided build-time environment variables for the function", "type": "object" }, + "onDeployUpdatePolicy": { + "$ref": "OnDeployUpdatePolicy", + "description": "See the comment next to this message for more details." + }, "runtime": { "description": "The runtime in which to run the function. Required when deploying a new function, optional when updating an existing function. For a complete list of possible choices, see the [`gcloud` command reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime).", "type": "string" }, + "serviceAccount": { + "description": "[Preview] Service account to be used for building the container", + "type": "string" + }, "source": { "$ref": "Source", "description": "The location of the function source code." @@ -945,6 +963,20 @@ "description": "Request of `GenerateSourceUploadUrl` method.", "id": "GenerateUploadUrlRequest", "properties": { + "environment": { + "description": "The function environment the generated upload url will be used for. The upload url for 2nd Gen functions can also be used for 1st gen functions, but not vice versa. If not specified, 2nd generation-style upload URLs are generated.", + "enum": [ + "ENVIRONMENT_UNSPECIFIED", + "GEN_1", + "GEN_2" + ], + "enumDescriptions": [ + "Unspecified", + "Gen 1", + "Gen 2" + ], + "type": "string" + }, "kmsKeyName": { "description": "[Preview] Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function source code objects in intermediate Cloud Storage buckets. When you generate an upload url and upload your source code, it gets copied to an intermediate Cloud Storage bucket. The source code is then copied to a versioned directory in the sources bucket in the consumer project during the function deployment. It must match the pattern `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. The Google Cloud Functions service account (service-{project_number}@gcf-admin-robot.iam.gserviceaccount.com) must be granted the role 'Cloud KMS CryptoKey Encrypter/Decrypter (roles/cloudkms.cryptoKeyEncrypterDecrypter)' on the Key/KeyRing/Project/Organization (least access preferred).", "type": "string" @@ -1679,6 +1711,18 @@ }, "type": "object" }, + "OnDeployUpdatePolicy": { + "description": "Security patches are only applied when a function is redeployed.", + "id": "OnDeployUpdatePolicy", + "properties": { + "runtimeVersion": { + "description": "Output only. contains the runtime version which was used during latest function deployment.", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, "Operation": { "description": "This resource represents a long-running operation that is the result of a network API call.", "id": "Operation", diff --git a/cloudfunctions/v2beta/cloudfunctions-gen.go b/cloudfunctions/v2beta/cloudfunctions-gen.go index 877e912d806..07db1de6962 100644 --- a/cloudfunctions/v2beta/cloudfunctions-gen.go +++ b/cloudfunctions/v2beta/cloudfunctions-gen.go @@ -309,6 +309,11 @@ func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// AutomaticUpdatePolicy: Security patches are applied automatically to +// the runtime without requiring the function to be redeployed. +type AutomaticUpdatePolicy struct { +} + // Binding: Associates `members`, or principals, with a `role`. type Binding struct { // Condition: The condition that is associated with this binding. If the @@ -341,11 +346,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -357,7 +385,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. @@ -390,6 +423,10 @@ func (s *Binding) MarshalJSON() ([]byte, error) { // BuildConfig: Describes the Build step of the function that builds a // container from the given source. type BuildConfig struct { + // AutomaticUpdatePolicy: See the comment next to this message for more + // details. + AutomaticUpdatePolicy *AutomaticUpdatePolicy `json:"automaticUpdatePolicy,omitempty"` + // Build: Output only. The Cloud Build name of the latest successful // deployment of the function. Build string `json:"build,omitempty"` @@ -413,12 +450,12 @@ type BuildConfig struct { // by the user using the `docker_repository` field. DockerRegistry string `json:"dockerRegistry,omitempty"` - // DockerRepository: User managed repository created in Artifact - // Registry optionally with a customer managed encryption key. This is - // the repository to which the function docker image will be pushed - // after it is built by Cloud Build. If unspecified, GCF will create and - // use a repository named 'gcf-artifacts' for every deployed region. It - // must match the pattern + // DockerRepository: Repository in Artifact Registry to which the + // function docker image will be pushed after it is built by Cloud + // Build. If specified by user, it is created and managed by user with a + // customer managed encryption key. Otherwise, GCF will create and use a + // repository named 'gcf-artifacts' for every deployed region. It must + // match the pattern // `projects/{project}/locations/{location}/repositories/{repository}`. // Cross-project repositories are not supported. Cross-location // repositories are not supported. Repository format must be 'DOCKER'. @@ -436,6 +473,10 @@ type BuildConfig struct { // for the function EnvironmentVariables map[string]string `json:"environmentVariables,omitempty"` + // OnDeployUpdatePolicy: See the comment next to this message for more + // details. + OnDeployUpdatePolicy *OnDeployUpdatePolicy `json:"onDeployUpdatePolicy,omitempty"` + // Runtime: The runtime in which to run the function. Required when // deploying a new function, optional when updating an existing // function. For a complete list of possible choices, see the `gcloud` @@ -443,6 +484,10 @@ type BuildConfig struct { // (https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime). Runtime string `json:"runtime,omitempty"` + // ServiceAccount: [Preview] Service account to be used for building the + // container + ServiceAccount string `json:"serviceAccount,omitempty"` + // Source: The location of the function source code. Source *Source `json:"source,omitempty"` @@ -466,20 +511,22 @@ type BuildConfig struct { // (roles/cloudbuild.customworkers.builder) in the project. WorkerPool string `json:"workerPool,omitempty"` - // ForceSendFields is a list of field names (e.g. "Build") to - // unconditionally include in API requests. By default, fields with - // empty or default values are omitted from API requests. However, any - // non-pointer, non-interface field appearing in ForceSendFields will be - // sent to the server regardless of whether the field is empty or not. - // This may be used to include empty fields in Patch requests. + // ForceSendFields is a list of field names (e.g. + // "AutomaticUpdatePolicy") to unconditionally include in API requests. + // By default, fields with empty or default values are omitted from API + // requests. However, any non-pointer, non-interface field appearing in + // ForceSendFields will be sent to the server regardless of whether the + // field is empty or not. This may be used to include empty fields in + // Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "Build") to include in API - // requests with the JSON null value. By default, fields with empty - // values are omitted from API requests. However, any field with an - // empty value appearing in NullFields will be sent to the server as - // null. It is an error if a field in this list has a non-empty value. - // This may be used to include null fields in Patch requests. + // NullFields is a list of field names (e.g. "AutomaticUpdatePolicy") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. NullFields []string `json:"-"` } @@ -857,6 +904,17 @@ func (s *GenerateDownloadUrlResponse) MarshalJSON() ([]byte, error) { // GenerateUploadUrlRequest: Request of `GenerateSourceUploadUrl` // method. type GenerateUploadUrlRequest struct { + // Environment: The function environment the generated upload url will + // be used for. The upload url for 2nd Gen functions can also be used + // for 1st gen functions, but not vice versa. If not specified, 2nd + // generation-style upload URLs are generated. + // + // Possible values: + // "ENVIRONMENT_UNSPECIFIED" - Unspecified + // "GEN_1" - Gen 1 + // "GEN_2" - Gen 2 + Environment string `json:"environment,omitempty"` + // KmsKeyName: [Preview] Resource name of a KMS crypto key (managed by // the user) used to encrypt/decrypt function source code objects in // intermediate Cloud Storage buckets. When you generate an upload url @@ -872,7 +930,7 @@ type GenerateUploadUrlRequest struct { // Key/KeyRing/Project/Organization (least access preferred). KmsKeyName string `json:"kmsKeyName,omitempty"` - // ForceSendFields is a list of field names (e.g. "KmsKeyName") to + // ForceSendFields is a list of field names (e.g. "Environment") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be @@ -880,10 +938,10 @@ type GenerateUploadUrlRequest struct { // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "KmsKeyName") to include in - // API requests with the JSON null value. By default, fields with empty - // values are omitted from API requests. However, any field with an - // empty value appearing in NullFields will be sent to the server as + // NullFields is a list of field names (e.g. "Environment") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` @@ -1759,6 +1817,37 @@ func (s *Location) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// OnDeployUpdatePolicy: Security patches are only applied when a +// function is redeployed. +type OnDeployUpdatePolicy struct { + // RuntimeVersion: Output only. contains the runtime version which was + // used during latest function deployment. + RuntimeVersion string `json:"runtimeVersion,omitempty"` + + // ForceSendFields is a list of field names (e.g. "RuntimeVersion") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "RuntimeVersion") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *OnDeployUpdatePolicy) MarshalJSON() ([]byte, error) { + type NoMethod OnDeployUpdatePolicy + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // Operation: This resource represents a long-running operation that is // the result of a network API call. type Operation struct { diff --git a/composer/v1/composer-api.json b/composer/v1/composer-api.json index 2347e7063fa..2728ac7c201 100644 --- a/composer/v1/composer-api.json +++ b/composer/v1/composer-api.json @@ -599,7 +599,7 @@ } } }, - "revision": "20231004", + "revision": "20240106", "rootUrl": "https://composer.googleapis.com/", "schemas": { "AllowedIpRange": { @@ -675,6 +675,28 @@ }, "type": "object" }, + "CloudDataLineageIntegration": { + "description": "Configuration for Cloud Data Lineage integration.", + "id": "CloudDataLineageIntegration", + "properties": { + "enabled": { + "description": "Optional. Whether or not Cloud Data Lineage integration is enabled.", + "type": "boolean" + } + }, + "type": "object" + }, + "DataRetentionConfig": { + "description": "The configuration setting for Airflow database data retention mechanism.", + "id": "DataRetentionConfig", + "properties": { + "taskLogsRetentionConfig": { + "$ref": "TaskLogsRetentionConfig", + "description": "Optional. The configuration settings for task logs retention" + } + }, + "type": "object" + }, "DatabaseConfig": { "description": "The configuration of Cloud SQL instance that is used by the Apache Airflow software.", "id": "DatabaseConfig", @@ -823,6 +845,10 @@ "description": "Output only. The Cloud Storage prefix of the DAGs for this environment. Although Cloud Storage objects reside in a flat namespace, a hierarchical file tree can be simulated using \"/\"-delimited object name prefixes. DAG objects for this environment reside in a simulated directory with the given prefix.", "type": "string" }, + "dataRetentionConfig": { + "$ref": "DataRetentionConfig", + "description": "Optional. The configuration setting for Airflow database data retention mechanism." + }, "databaseConfig": { "$ref": "DatabaseConfig", "description": "Optional. The configuration settings for Cloud SQL instance used internally by Apache Airflow software." @@ -1578,6 +1604,10 @@ "description": "Optional. Apache Airflow configuration properties to override. Property keys contain the section and property names, separated by a hyphen, for example \"core-dags_are_paused_at_creation\". Section names must not contain hyphens (\"-\"), opening square brackets (\"[\"), or closing square brackets (\"]\"). The property name must not be empty and must not contain an equals sign (\"=\") or semicolon (\";\"). Section and property names must not contain a period (\".\"). Apache Airflow configuration property names must be written in [snake_case](https://en.wikipedia.org/wiki/Snake_case). Property values can contain any character, and can be written in any lower/upper case format. Certain Apache Airflow configuration property values are [blocked](/composer/docs/concepts/airflow-configurations), and cannot be overridden.", "type": "object" }, + "cloudDataLineageIntegration": { + "$ref": "CloudDataLineageIntegration", + "description": "Optional. The configuration for Cloud Data Lineage integration." + }, "envVariables": { "additionalProperties": { "type": "string" @@ -1687,6 +1717,27 @@ }, "type": "object" }, + "TaskLogsRetentionConfig": { + "description": "The configuration setting for Task Logs.", + "id": "TaskLogsRetentionConfig", + "properties": { + "storageMode": { + "description": "Optional. The mode of storage for Airflow workers task logs. For details, see go/composer-store-task-logs-in-cloud-logging-only-design-doc", + "enum": [ + "TASK_LOGS_STORAGE_MODE_UNSPECIFIED", + "CLOUD_LOGGING_AND_CLOUD_STORAGE", + "CLOUD_LOGGING_ONLY" + ], + "enumDescriptions": [ + "This configuration is not specified by the user.", + "Store task logs in Cloud Logging and in the environment's Cloud Storage bucket.", + "Store task logs in Cloud Logging only." + ], + "type": "string" + } + }, + "type": "object" + }, "TriggererResource": { "description": "Configuration for resources used by Airflow triggerers.", "id": "TriggererResource", diff --git a/composer/v1/composer-gen.go b/composer/v1/composer-gen.go index ec2768192c6..9050a4336af 100644 --- a/composer/v1/composer-gen.go +++ b/composer/v1/composer-gen.go @@ -332,6 +332,68 @@ func (s *CidrBlock) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// CloudDataLineageIntegration: Configuration for Cloud Data Lineage +// integration. +type CloudDataLineageIntegration struct { + // Enabled: Optional. Whether or not Cloud Data Lineage integration is + // enabled. + Enabled bool `json:"enabled,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Enabled") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Enabled") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *CloudDataLineageIntegration) MarshalJSON() ([]byte, error) { + type NoMethod CloudDataLineageIntegration + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// DataRetentionConfig: The configuration setting for Airflow database +// data retention mechanism. +type DataRetentionConfig struct { + // TaskLogsRetentionConfig: Optional. The configuration settings for + // task logs retention + TaskLogsRetentionConfig *TaskLogsRetentionConfig `json:"taskLogsRetentionConfig,omitempty"` + + // ForceSendFields is a list of field names (e.g. + // "TaskLogsRetentionConfig") to unconditionally include in API + // requests. By default, fields with empty or default values are omitted + // from API requests. However, any non-pointer, non-interface field + // appearing in ForceSendFields will be sent to the server regardless of + // whether the field is empty or not. This may be used to include empty + // fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "TaskLogsRetentionConfig") + // to include in API requests with the JSON null value. By default, + // fields with empty values are omitted from API requests. However, any + // field with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *DataRetentionConfig) MarshalJSON() ([]byte, error) { + type NoMethod DataRetentionConfig + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // DatabaseConfig: The configuration of Cloud SQL instance that is used // by the Apache Airflow software. type DatabaseConfig struct { @@ -577,6 +639,10 @@ type EnvironmentConfig struct { // reside in a simulated directory with the given prefix. DagGcsPrefix string `json:"dagGcsPrefix,omitempty"` + // DataRetentionConfig: Optional. The configuration setting for Airflow + // database data retention mechanism. + DataRetentionConfig *DataRetentionConfig `json:"dataRetentionConfig,omitempty"` + // DatabaseConfig: Optional. The configuration settings for Cloud SQL // instance used internally by Apache Airflow software. DatabaseConfig *DatabaseConfig `json:"databaseConfig,omitempty"` @@ -1952,6 +2018,10 @@ type SoftwareConfig struct { // be overridden. AirflowConfigOverrides map[string]string `json:"airflowConfigOverrides,omitempty"` + // CloudDataLineageIntegration: Optional. The configuration for Cloud + // Data Lineage integration. + CloudDataLineageIntegration *CloudDataLineageIntegration `json:"cloudDataLineageIntegration,omitempty"` + // EnvVariables: Optional. Additional environment variables to provide // to the Apache Airflow scheduler, worker, and webserver processes. // Environment variable names must match the regular expression @@ -2181,6 +2251,43 @@ func (s *StorageConfig) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// TaskLogsRetentionConfig: The configuration setting for Task Logs. +type TaskLogsRetentionConfig struct { + // StorageMode: Optional. The mode of storage for Airflow workers task + // logs. For details, see + // go/composer-store-task-logs-in-cloud-logging-only-design-doc + // + // Possible values: + // "TASK_LOGS_STORAGE_MODE_UNSPECIFIED" - This configuration is not + // specified by the user. + // "CLOUD_LOGGING_AND_CLOUD_STORAGE" - Store task logs in Cloud + // Logging and in the environment's Cloud Storage bucket. + // "CLOUD_LOGGING_ONLY" - Store task logs in Cloud Logging only. + StorageMode string `json:"storageMode,omitempty"` + + // ForceSendFields is a list of field names (e.g. "StorageMode") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "StorageMode") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *TaskLogsRetentionConfig) MarshalJSON() ([]byte, error) { + type NoMethod TaskLogsRetentionConfig + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // TriggererResource: Configuration for resources used by Airflow // triggerers. type TriggererResource struct { diff --git a/composer/v1beta1/composer-api.json b/composer/v1beta1/composer-api.json index b27f2982c1d..9b2093b567f 100644 --- a/composer/v1beta1/composer-api.json +++ b/composer/v1beta1/composer-api.json @@ -655,7 +655,7 @@ } } }, - "revision": "20231129", + "revision": "20240106", "rootUrl": "https://composer.googleapis.com/", "schemas": { "AllowedIpRange": { @@ -780,6 +780,17 @@ }, "type": "object" }, + "DataRetentionConfig": { + "description": "The configuration setting for Airflow database data retention mechanism.", + "id": "DataRetentionConfig", + "properties": { + "taskLogsRetentionConfig": { + "$ref": "TaskLogsRetentionConfig", + "description": "Optional. The configuration settings for task logs retention" + } + }, + "type": "object" + }, "DatabaseConfig": { "description": "The configuration of Cloud SQL instance that is used by the Apache Airflow software.", "id": "DatabaseConfig", @@ -933,6 +944,10 @@ "readOnly": true, "type": "string" }, + "dataRetentionConfig": { + "$ref": "DataRetentionConfig", + "description": "Optional. The configuration setting for Airflow database data retention mechanism." + }, "databaseConfig": { "$ref": "DatabaseConfig", "description": "Optional. The configuration settings for Cloud SQL instance used internally by Apache Airflow software." @@ -1837,6 +1852,27 @@ }, "type": "object" }, + "TaskLogsRetentionConfig": { + "description": "The configuration setting for Task Logs.", + "id": "TaskLogsRetentionConfig", + "properties": { + "storageMode": { + "description": "Optional. The mode of storage for Airflow workers task logs. For details, see go/composer-store-task-logs-in-cloud-logging-only-design-doc", + "enum": [ + "TASK_LOGS_STORAGE_MODE_UNSPECIFIED", + "CLOUD_LOGGING_AND_CLOUD_STORAGE", + "CLOUD_LOGGING_ONLY" + ], + "enumDescriptions": [ + "This configuration is not specified by the user.", + "Store task logs in Cloud Logging and in the environment's Cloud Storage bucket.", + "Store task logs in Cloud Logging only." + ], + "type": "string" + } + }, + "type": "object" + }, "TriggererResource": { "description": "Configuration for resources used by Airflow triggerers.", "id": "TriggererResource", diff --git a/composer/v1beta1/composer-gen.go b/composer/v1beta1/composer-gen.go index dd6c0767d70..cb4a6d1ec78 100644 --- a/composer/v1beta1/composer-gen.go +++ b/composer/v1beta1/composer-gen.go @@ -472,6 +472,38 @@ func (s *DagProcessorResource) UnmarshalJSON(data []byte) error { return nil } +// DataRetentionConfig: The configuration setting for Airflow database +// data retention mechanism. +type DataRetentionConfig struct { + // TaskLogsRetentionConfig: Optional. The configuration settings for + // task logs retention + TaskLogsRetentionConfig *TaskLogsRetentionConfig `json:"taskLogsRetentionConfig,omitempty"` + + // ForceSendFields is a list of field names (e.g. + // "TaskLogsRetentionConfig") to unconditionally include in API + // requests. By default, fields with empty or default values are omitted + // from API requests. However, any non-pointer, non-interface field + // appearing in ForceSendFields will be sent to the server regardless of + // whether the field is empty or not. This may be used to include empty + // fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "TaskLogsRetentionConfig") + // to include in API requests with the JSON null value. By default, + // fields with empty values are omitted from API requests. However, any + // field with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *DataRetentionConfig) MarshalJSON() ([]byte, error) { + type NoMethod DataRetentionConfig + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // DatabaseConfig: The configuration of Cloud SQL instance that is used // by the Apache Airflow software. type DatabaseConfig struct { @@ -717,6 +749,10 @@ type EnvironmentConfig struct { // reside in a simulated directory with the given prefix. DagGcsPrefix string `json:"dagGcsPrefix,omitempty"` + // DataRetentionConfig: Optional. The configuration setting for Airflow + // database data retention mechanism. + DataRetentionConfig *DataRetentionConfig `json:"dataRetentionConfig,omitempty"` + // DatabaseConfig: Optional. The configuration settings for Cloud SQL // instance used internally by Apache Airflow software. DatabaseConfig *DatabaseConfig `json:"databaseConfig,omitempty"` @@ -2395,6 +2431,43 @@ func (s *StorageConfig) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// TaskLogsRetentionConfig: The configuration setting for Task Logs. +type TaskLogsRetentionConfig struct { + // StorageMode: Optional. The mode of storage for Airflow workers task + // logs. For details, see + // go/composer-store-task-logs-in-cloud-logging-only-design-doc + // + // Possible values: + // "TASK_LOGS_STORAGE_MODE_UNSPECIFIED" - This configuration is not + // specified by the user. + // "CLOUD_LOGGING_AND_CLOUD_STORAGE" - Store task logs in Cloud + // Logging and in the environment's Cloud Storage bucket. + // "CLOUD_LOGGING_ONLY" - Store task logs in Cloud Logging only. + StorageMode string `json:"storageMode,omitempty"` + + // ForceSendFields is a list of field names (e.g. "StorageMode") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "StorageMode") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *TaskLogsRetentionConfig) MarshalJSON() ([]byte, error) { + type NoMethod TaskLogsRetentionConfig + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // TriggererResource: Configuration for resources used by Airflow // triggerers. type TriggererResource struct { diff --git a/compute/v1/compute-gen.go b/compute/v1/compute-gen.go index 3593e998a07..954688cde47 100644 --- a/compute/v1/compute-gen.go +++ b/compute/v1/compute-gen.go @@ -95,7 +95,9 @@ const apiId = "compute:v1" const apiName = "compute" const apiVersion = "v1" const basePath = "https://compute.googleapis.com/compute/v1/" +const basePathTemplate = "https://compute.UNIVERSE_DOMAIN/compute/v1/" const mtlsBasePath = "https://compute.mtls.googleapis.com/compute/v1/" +const defaultUniverseDomain = "googleapis.com" // OAuth2 scopes used by this API. const ( @@ -134,7 +136,9 @@ func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, err // NOTE: prepend, so we don't override user-specified scopes. opts = append([]option.ClientOption{scopesOption}, opts...) opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) + opts = append(opts, internaloption.WithDefaultEndpointTemplate(basePathTemplate)) opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) + opts = append(opts, internaloption.WithDefaultUniverseDomain(defaultUniverseDomain)) client, endpoint, err := htransport.NewClient(ctx, opts...) if err != nil { return nil, err diff --git a/containeranalysis/v1/containeranalysis-api.json b/containeranalysis/v1/containeranalysis-api.json index 6c82c332c5a..ab83b732501 100644 --- a/containeranalysis/v1/containeranalysis-api.json +++ b/containeranalysis/v1/containeranalysis-api.json @@ -755,7 +755,7 @@ } } }, - "revision": "20231103", + "revision": "20240105", "rootUrl": "https://containeranalysis.googleapis.com/", "schemas": { "AliasContext": { @@ -989,7 +989,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/containeranalysis/v1/containeranalysis-gen.go b/containeranalysis/v1/containeranalysis-gen.go index 2ac372a2c59..7b123e4839b 100644 --- a/containeranalysis/v1/containeranalysis-gen.go +++ b/containeranalysis/v1/containeranalysis-gen.go @@ -625,11 +625,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -641,7 +664,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/containeranalysis/v1alpha1/containeranalysis-api.json b/containeranalysis/v1alpha1/containeranalysis-api.json index 7975274acbd..18fee540edb 100644 --- a/containeranalysis/v1alpha1/containeranalysis-api.json +++ b/containeranalysis/v1alpha1/containeranalysis-api.json @@ -1233,7 +1233,7 @@ } } }, - "revision": "20231103", + "revision": "20240105", "rootUrl": "https://containeranalysis.googleapis.com/", "schemas": { "AnalysisCompleted": { @@ -1398,7 +1398,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/containeranalysis/v1alpha1/containeranalysis-gen.go b/containeranalysis/v1alpha1/containeranalysis-gen.go index d85e86f85f7..5b772490f38 100644 --- a/containeranalysis/v1alpha1/containeranalysis-gen.go +++ b/containeranalysis/v1alpha1/containeranalysis-gen.go @@ -588,11 +588,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -604,7 +627,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/containeranalysis/v1beta1/containeranalysis-api.json b/containeranalysis/v1beta1/containeranalysis-api.json index 5cfdf77b305..612b58ccb95 100644 --- a/containeranalysis/v1beta1/containeranalysis-api.json +++ b/containeranalysis/v1beta1/containeranalysis-api.json @@ -815,7 +815,7 @@ } } }, - "revision": "20231103", + "revision": "20240105", "rootUrl": "https://containeranalysis.googleapis.com/", "schemas": { "AliasContext": { @@ -1075,7 +1075,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/containeranalysis/v1beta1/containeranalysis-gen.go b/containeranalysis/v1beta1/containeranalysis-gen.go index 2bfa425e008..fb39083eaaa 100644 --- a/containeranalysis/v1beta1/containeranalysis-gen.go +++ b/containeranalysis/v1beta1/containeranalysis-gen.go @@ -713,11 +713,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -729,7 +752,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/dataflow/v1b3/dataflow-api.json b/dataflow/v1b3/dataflow-api.json index 14ce351558d..489ef495f02 100644 --- a/dataflow/v1b3/dataflow-api.json +++ b/dataflow/v1b3/dataflow-api.json @@ -2221,7 +2221,7 @@ } } }, - "revision": "20231217", + "revision": "20240107", "rootUrl": "https://dataflow.googleapis.com/", "schemas": { "ApproximateProgress": { @@ -2367,6 +2367,23 @@ }, "type": "object" }, + "Base2Exponent": { + "description": "Exponential buckets where the growth factor between buckets is `2**(2**-scale)`. e.g. for `scale=1` growth factor is `2**(2**(-1))=sqrt(2)`. `n` buckets will have the following boundaries. - 0th: [0, gf) - i in [1, n-1]: [gf^(i), gf^(i+1))", + "id": "Base2Exponent", + "properties": { + "numberOfBuckets": { + "description": "Must be greater than 0.", + "format": "int32", + "type": "integer" + }, + "scale": { + "description": "Must be between -3 and 3. This forces the growth factor of the bucket boundaries to be between `2^(1/8)` and `256`.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, "BigQueryIODetails": { "description": "Metadata for a BigQuery connector used by the job.", "id": "BigQueryIODetails", @@ -2409,6 +2426,21 @@ }, "type": "object" }, + "BucketOptions": { + "description": "`BucketOptions` describes the bucket boundaries used in the histogram.", + "id": "BucketOptions", + "properties": { + "exponential": { + "$ref": "Base2Exponent", + "description": "Bucket boundaries grow exponentially." + }, + "linear": { + "$ref": "Linear", + "description": "Bucket boundaries grow linearly." + } + }, + "type": "object" + }, "CPUTime": { "description": "Modeled after information exposed by /proc/stat.", "id": "CPUTime", @@ -2907,6 +2939,34 @@ }, "type": "object" }, + "DataflowHistogramValue": { + "description": "Summary statistics for a population of values. HistogramValue contains a sequence of buckets and gives a count of values that fall into each bucket. Bucket boundares are defined by a formula and bucket widths are either fixed or exponentially increasing.", + "id": "DataflowHistogramValue", + "properties": { + "bucketCounts": { + "description": "Optional. The number of values in each bucket of the histogram, as described in `bucket_options`. `bucket_counts` should contain N values, where N is the number of buckets specified in `bucket_options`. If `bucket_counts` has fewer than N values, the remaining values are assumed to be 0.", + "items": { + "format": "int64", + "type": "string" + }, + "type": "array" + }, + "bucketOptions": { + "$ref": "BucketOptions", + "description": "Describes the bucket boundaries used in the histogram." + }, + "count": { + "description": "Number of values recorded in this histogram.", + "format": "int64", + "type": "string" + }, + "outlierStats": { + "$ref": "OutlierStats", + "description": "Statistics on the values recorded in the histogram that fall out of the bucket boundaries." + } + }, + "type": "object" + }, "DatastoreIODetails": { "description": "Metadata for a Datastore connector used by the job.", "id": "DatastoreIODetails", @@ -4408,6 +4468,28 @@ }, "type": "object" }, + "Linear": { + "description": "Linear buckets with the following boundaries for indices in 0 to n-1. - i in [0, n-1]: [start + (i)*width, start + (i+1)*width)", + "id": "Linear", + "properties": { + "numberOfBuckets": { + "description": "Must be greater than 0.", + "format": "int32", + "type": "integer" + }, + "start": { + "description": "Lower bound of the first bucket.", + "format": "double", + "type": "number" + }, + "width": { + "description": "Distance between bucket boundaries. Must be greater than 0.", + "format": "double", + "type": "number" + } + }, + "type": "object" + }, "ListJobMessagesResponse": { "description": "Response to a request to list job messages.", "id": "ListJobMessagesResponse", @@ -4621,6 +4703,33 @@ }, "type": "object" }, + "MetricValue": { + "description": "The value of a metric along with its name and labels.", + "id": "MetricValue", + "properties": { + "metric": { + "description": "Base name for this metric.", + "type": "string" + }, + "metricLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. Set of metric labels for this metric.", + "type": "object" + }, + "valueHistogram": { + "$ref": "DataflowHistogramValue", + "description": "Histogram value of this metric." + }, + "valueInt64": { + "description": "Integer value of this metric.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, "MountedDataDisk": { "description": "Describes mounted data disk.", "id": "MountedDataDisk", @@ -4682,6 +4791,33 @@ }, "type": "object" }, + "OutlierStats": { + "description": "Statistics for the underflow and overflow bucket.", + "id": "OutlierStats", + "properties": { + "overflowCount": { + "description": "Number of values that are larger than the upper bound of the largest bucket.", + "format": "int64", + "type": "string" + }, + "overflowMean": { + "description": "Mean of values in the overflow bucket.", + "format": "double", + "type": "number" + }, + "underflowCount": { + "description": "Number of values that are smaller than the lower bound of the smallest bucket.", + "format": "int64", + "type": "string" + }, + "underflowMean": { + "description": "Mean of values in the undeflow bucket.", + "format": "double", + "type": "number" + } + }, + "type": "object" + }, "Package": { "description": "The packages that must be installed in order for a worker to run the steps of the Cloud Dataflow job that will be assigned to its worker pool. This is the mechanism by which the Cloud Dataflow SDK causes code to be loaded onto the workers. For example, the Cloud Dataflow Java SDK might use this to install jars containing the user's code and all of the various dependencies (libraries, data files, etc.) required in order for that code to run.", "id": "Package", @@ -4968,6 +5104,42 @@ }, "type": "object" }, + "PerStepNamespaceMetrics": { + "description": "Metrics for a particular unfused step and namespace. A metric is uniquely identified by the `metrics_namespace`, `original_step`, `metric name` and `metric_labels`.", + "id": "PerStepNamespaceMetrics", + "properties": { + "metricValues": { + "description": "Optional. Metrics that are recorded for this namespace and unfused step.", + "items": { + "$ref": "MetricValue" + }, + "type": "array" + }, + "metricsNamespace": { + "description": "The namespace of these metrics on the worker.", + "type": "string" + }, + "originalStep": { + "description": "The original system name of the unfused step that these metrics are reported from.", + "type": "string" + } + }, + "type": "object" + }, + "PerWorkerMetrics": { + "description": "Per worker metrics.", + "id": "PerWorkerMetrics", + "properties": { + "perStepNamespaceMetrics": { + "description": "Optional. Metrics for a particular unfused step and namespace.", + "items": { + "$ref": "PerStepNamespaceMetrics" + }, + "type": "array" + } + }, + "type": "object" + }, "PipelineDescription": { "description": "A descriptive representation of submitted pipeline as well as the executed form. This data is provided by the Dataflow service for ease of visualizing the pipeline and interpreting Dataflow provided metrics.", "id": "PipelineDescription", @@ -7287,6 +7459,10 @@ "description": "Labels are used to group WorkerMessages. For example, a worker_message about a particular container might have the labels: { \"JOB_ID\": \"2015-04-22\", \"WORKER_ID\": \"wordcount-vm-2015…\" \"CONTAINER_TYPE\": \"worker\", \"CONTAINER_ID\": \"ac1234def\"} Label tags typically correspond to Label enum values. However, for ease of development other strings can be used as tags. LABEL_UNSPECIFIED should not be used here.", "type": "object" }, + "perWorkerMetrics": { + "$ref": "PerWorkerMetrics", + "description": "System defined metrics for this worker." + }, "streamingScalingReport": { "$ref": "StreamingScalingReport", "description": "Contains per-user worker telemetry used in streaming autoscaling." diff --git a/dataflow/v1b3/dataflow-gen.go b/dataflow/v1b3/dataflow-gen.go index b4eb3f55936..05df7cae35a 100644 --- a/dataflow/v1b3/dataflow-gen.go +++ b/dataflow/v1b3/dataflow-gen.go @@ -665,6 +665,42 @@ func (s *AutoscalingSettings) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// Base2Exponent: Exponential buckets where the growth factor between +// buckets is `2**(2**-scale)`. e.g. for `scale=1` growth factor is +// `2**(2**(-1))=sqrt(2)`. `n` buckets will have the following +// boundaries. - 0th: [0, gf) - i in [1, n-1]: [gf^(i), gf^(i+1)) +type Base2Exponent struct { + // NumberOfBuckets: Must be greater than 0. + NumberOfBuckets int64 `json:"numberOfBuckets,omitempty"` + + // Scale: Must be between -3 and 3. This forces the growth factor of the + // bucket boundaries to be between `2^(1/8)` and `256`. + Scale int64 `json:"scale,omitempty"` + + // ForceSendFields is a list of field names (e.g. "NumberOfBuckets") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "NumberOfBuckets") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *Base2Exponent) MarshalJSON() ([]byte, error) { + type NoMethod Base2Exponent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // BigQueryIODetails: Metadata for a BigQuery connector used by the job. type BigQueryIODetails struct { // Dataset: Dataset accessed in the connection. @@ -737,6 +773,38 @@ func (s *BigTableIODetails) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// BucketOptions: `BucketOptions` describes the bucket boundaries used +// in the histogram. +type BucketOptions struct { + // Exponential: Bucket boundaries grow exponentially. + Exponential *Base2Exponent `json:"exponential,omitempty"` + + // Linear: Bucket boundaries grow linearly. + Linear *Linear `json:"linear,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Exponential") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Exponential") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *BucketOptions) MarshalJSON() ([]byte, error) { + type NoMethod BucketOptions + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // CPUTime: Modeled after information exposed by /proc/stat. type CPUTime struct { // Rate: Average CPU utilization rate (% non-idle cpu / second) since @@ -1464,6 +1532,52 @@ func (s *DataSamplingReport) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// DataflowHistogramValue: Summary statistics for a population of +// values. HistogramValue contains a sequence of buckets and gives a +// count of values that fall into each bucket. Bucket boundares are +// defined by a formula and bucket widths are either fixed or +// exponentially increasing. +type DataflowHistogramValue struct { + // BucketCounts: Optional. The number of values in each bucket of the + // histogram, as described in `bucket_options`. `bucket_counts` should + // contain N values, where N is the number of buckets specified in + // `bucket_options`. If `bucket_counts` has fewer than N values, the + // remaining values are assumed to be 0. + BucketCounts googleapi.Int64s `json:"bucketCounts,omitempty"` + + // BucketOptions: Describes the bucket boundaries used in the histogram. + BucketOptions *BucketOptions `json:"bucketOptions,omitempty"` + + // Count: Number of values recorded in this histogram. + Count int64 `json:"count,omitempty,string"` + + // OutlierStats: Statistics on the values recorded in the histogram that + // fall out of the bucket boundaries. + OutlierStats *OutlierStats `json:"outlierStats,omitempty"` + + // ForceSendFields is a list of field names (e.g. "BucketCounts") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "BucketCounts") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *DataflowHistogramValue) MarshalJSON() ([]byte, error) { + type NoMethod DataflowHistogramValue + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // DatastoreIODetails: Metadata for a Datastore connector used by the // job. type DatastoreIODetails struct { @@ -3853,6 +3967,58 @@ func (s *LeaseWorkItemResponse) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// Linear: Linear buckets with the following boundaries for indices in 0 +// to n-1. - i in [0, n-1]: [start + (i)*width, start + (i+1)*width) +type Linear struct { + // NumberOfBuckets: Must be greater than 0. + NumberOfBuckets int64 `json:"numberOfBuckets,omitempty"` + + // Start: Lower bound of the first bucket. + Start float64 `json:"start,omitempty"` + + // Width: Distance between bucket boundaries. Must be greater than 0. + Width float64 `json:"width,omitempty"` + + // ForceSendFields is a list of field names (e.g. "NumberOfBuckets") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "NumberOfBuckets") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *Linear) MarshalJSON() ([]byte, error) { + type NoMethod Linear + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +func (s *Linear) UnmarshalJSON(data []byte) error { + type NoMethod Linear + var s1 struct { + Start gensupport.JSONFloat64 `json:"start"` + Width gensupport.JSONFloat64 `json:"width"` + *NoMethod + } + s1.NoMethod = (*NoMethod)(s) + if err := json.Unmarshal(data, &s1); err != nil { + return err + } + s.Start = float64(s1.Start) + s.Width = float64(s1.Width) + return nil +} + // ListJobMessagesResponse: Response to a request to list job messages. type ListJobMessagesResponse struct { // AutoscalingEvents: Autoscaling events in ascending timestamp order. @@ -4215,6 +4381,43 @@ func (s *MetricUpdate) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// MetricValue: The value of a metric along with its name and labels. +type MetricValue struct { + // Metric: Base name for this metric. + Metric string `json:"metric,omitempty"` + + // MetricLabels: Optional. Set of metric labels for this metric. + MetricLabels map[string]string `json:"metricLabels,omitempty"` + + // ValueHistogram: Histogram value of this metric. + ValueHistogram *DataflowHistogramValue `json:"valueHistogram,omitempty"` + + // ValueInt64: Integer value of this metric. + ValueInt64 int64 `json:"valueInt64,omitempty,string"` + + // ForceSendFields is a list of field names (e.g. "Metric") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Metric") to include in API + // requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *MetricValue) MarshalJSON() ([]byte, error) { + type NoMethod MetricValue + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // MountedDataDisk: Describes mounted data disk. type MountedDataDisk struct { // DataDisk: The name of the data disk. This name is local to the Google @@ -4321,6 +4524,61 @@ func (s *NameAndKind) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// OutlierStats: Statistics for the underflow and overflow bucket. +type OutlierStats struct { + // OverflowCount: Number of values that are larger than the upper bound + // of the largest bucket. + OverflowCount int64 `json:"overflowCount,omitempty,string"` + + // OverflowMean: Mean of values in the overflow bucket. + OverflowMean float64 `json:"overflowMean,omitempty"` + + // UnderflowCount: Number of values that are smaller than the lower + // bound of the smallest bucket. + UnderflowCount int64 `json:"underflowCount,omitempty,string"` + + // UnderflowMean: Mean of values in the undeflow bucket. + UnderflowMean float64 `json:"underflowMean,omitempty"` + + // ForceSendFields is a list of field names (e.g. "OverflowCount") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "OverflowCount") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *OutlierStats) MarshalJSON() ([]byte, error) { + type NoMethod OutlierStats + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +func (s *OutlierStats) UnmarshalJSON(data []byte) error { + type NoMethod OutlierStats + var s1 struct { + OverflowMean gensupport.JSONFloat64 `json:"overflowMean"` + UnderflowMean gensupport.JSONFloat64 `json:"underflowMean"` + *NoMethod + } + s1.NoMethod = (*NoMethod)(s) + if err := json.Unmarshal(data, &s1); err != nil { + return err + } + s.OverflowMean = float64(s1.OverflowMean) + s.UnderflowMean = float64(s1.UnderflowMean) + return nil +} + // Package: The packages that must be installed in order for a worker to // run the steps of the Cloud Dataflow job that will be assigned to its // worker pool. This is the mechanism by which the Cloud Dataflow SDK @@ -4685,6 +4943,76 @@ func (s *PartialGroupByKeyInstruction) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// PerStepNamespaceMetrics: Metrics for a particular unfused step and +// namespace. A metric is uniquely identified by the +// `metrics_namespace`, `original_step`, `metric name` and +// `metric_labels`. +type PerStepNamespaceMetrics struct { + // MetricValues: Optional. Metrics that are recorded for this namespace + // and unfused step. + MetricValues []*MetricValue `json:"metricValues,omitempty"` + + // MetricsNamespace: The namespace of these metrics on the worker. + MetricsNamespace string `json:"metricsNamespace,omitempty"` + + // OriginalStep: The original system name of the unfused step that these + // metrics are reported from. + OriginalStep string `json:"originalStep,omitempty"` + + // ForceSendFields is a list of field names (e.g. "MetricValues") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "MetricValues") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *PerStepNamespaceMetrics) MarshalJSON() ([]byte, error) { + type NoMethod PerStepNamespaceMetrics + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// PerWorkerMetrics: Per worker metrics. +type PerWorkerMetrics struct { + // PerStepNamespaceMetrics: Optional. Metrics for a particular unfused + // step and namespace. + PerStepNamespaceMetrics []*PerStepNamespaceMetrics `json:"perStepNamespaceMetrics,omitempty"` + + // ForceSendFields is a list of field names (e.g. + // "PerStepNamespaceMetrics") to unconditionally include in API + // requests. By default, fields with empty or default values are omitted + // from API requests. However, any non-pointer, non-interface field + // appearing in ForceSendFields will be sent to the server regardless of + // whether the field is empty or not. This may be used to include empty + // fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "PerStepNamespaceMetrics") + // to include in API requests with the JSON null value. By default, + // fields with empty values are omitted from API requests. However, any + // field with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *PerWorkerMetrics) MarshalJSON() ([]byte, error) { + type NoMethod PerWorkerMetrics + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // PipelineDescription: A descriptive representation of submitted // pipeline as well as the executed form. This data is provided by the // Dataflow service for ease of visualizing the pipeline and @@ -8210,6 +8538,9 @@ type WorkerMessage struct { // should not be used here. Labels map[string]string `json:"labels,omitempty"` + // PerWorkerMetrics: System defined metrics for this worker. + PerWorkerMetrics *PerWorkerMetrics `json:"perWorkerMetrics,omitempty"` + // StreamingScalingReport: Contains per-user worker telemetry used in // streaming autoscaling. StreamingScalingReport *StreamingScalingReport `json:"streamingScalingReport,omitempty"` diff --git a/datastream/v1/datastream-api.json b/datastream/v1/datastream-api.json index b8a75f43d92..38152f1b55d 100644 --- a/datastream/v1/datastream-api.json +++ b/datastream/v1/datastream-api.json @@ -1250,7 +1250,7 @@ } } }, - "revision": "20231129", + "revision": "20240103", "rootUrl": "https://datastream.googleapis.com/", "schemas": { "AvroFileFormat": { @@ -2372,6 +2372,18 @@ }, "type": "object" }, + "OracleScnPosition": { + "description": "Oracle SCN position", + "id": "OracleScnPosition", + "properties": { + "scn": { + "description": "Required. SCN number from where Logs will be read", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, "OracleSourceConfig": { "description": "Oracle data source configuration", "id": "OracleSourceConfig", @@ -2805,6 +2817,10 @@ "mysqlLogPosition": { "$ref": "MysqlLogPosition", "description": "MySQL specific log position to start replicating from." + }, + "oracleScnPosition": { + "$ref": "OracleScnPosition", + "description": "Oracle specific log position to start replicating from." } }, "type": "object" diff --git a/datastream/v1/datastream-gen.go b/datastream/v1/datastream-gen.go index 02b4b1a7dd5..c34cb950853 100644 --- a/datastream/v1/datastream-gen.go +++ b/datastream/v1/datastream-gen.go @@ -1956,6 +1956,34 @@ func (s *OracleSchema) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// OracleScnPosition: Oracle SCN position +type OracleScnPosition struct { + // Scn: Required. SCN number from where Logs will be read + Scn int64 `json:"scn,omitempty,string"` + + // ForceSendFields is a list of field names (e.g. "Scn") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Scn") to include in API + // requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *OracleScnPosition) MarshalJSON() ([]byte, error) { + type NoMethod OracleScnPosition + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // OracleSourceConfig: Oracle data source configuration type OracleSourceConfig struct { // DropLargeObjects: Drop large object values. @@ -2653,6 +2681,10 @@ type SpecificStartPosition struct { // from. MysqlLogPosition *MysqlLogPosition `json:"mysqlLogPosition,omitempty"` + // OracleScnPosition: Oracle specific log position to start replicating + // from. + OracleScnPosition *OracleScnPosition `json:"oracleScnPosition,omitempty"` + // ForceSendFields is a list of field names (e.g. "MysqlLogPosition") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any diff --git a/dialogflow/v3/dialogflow-api.json b/dialogflow/v3/dialogflow-api.json index 4b21f26e3c5..fc5b1dc9e7c 100644 --- a/dialogflow/v3/dialogflow-api.json +++ b/dialogflow/v3/dialogflow-api.json @@ -1440,6 +1440,35 @@ "https://www.googleapis.com/auth/cloud-platform", "https://www.googleapis.com/auth/dialogflow" ] + }, + "serverStreamingDetectIntent": { + "description": "Processes a natural language query and returns structured, actionable data as a result through server-side streaming. Server-side streaming allows Dialogflow to send [partial responses](https://cloud.google.com/dialogflow/cx/docs/concept/fulfillment#partial-response) earlier in a single request.", + "flatPath": "v3/projects/{projectsId}/locations/{locationsId}/agents/{agentsId}/environments/{environmentsId}/sessions/{sessionsId}:serverStreamingDetectIntent", + "httpMethod": "POST", + "id": "dialogflow.projects.locations.agents.environments.sessions.serverStreamingDetectIntent", + "parameterOrder": [ + "session" + ], + "parameters": { + "session": { + "description": "Required. The name of the session this query is sent to. Format: `projects//locations//agents//sessions/` or `projects//locations//agents//environments//sessions/`. If `Environment ID` is not specified, we assume default 'draft' environment. It's up to the API caller to choose an appropriate `Session ID`. It can be a random number or some type of session identifiers (preferably hashed). The length of the `Session ID` must not exceed 36 characters. For more information, see the [sessions guide](https://cloud.google.com/dialogflow/cx/docs/concept/session). Note: Always use agent versions for production traffic. See [Versions and environments](https://cloud.google.com/dialogflow/cx/docs/concept/version).", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/agents/[^/]+/environments/[^/]+/sessions/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+session}:serverStreamingDetectIntent", + "request": { + "$ref": "GoogleCloudDialogflowCxV3DetectIntentRequest" + }, + "response": { + "$ref": "GoogleCloudDialogflowCxV3DetectIntentResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/dialogflow" + ] } }, "resources": { @@ -3035,6 +3064,35 @@ "https://www.googleapis.com/auth/dialogflow" ] }, + "serverStreamingDetectIntent": { + "description": "Processes a natural language query and returns structured, actionable data as a result through server-side streaming. Server-side streaming allows Dialogflow to send [partial responses](https://cloud.google.com/dialogflow/cx/docs/concept/fulfillment#partial-response) earlier in a single request.", + "flatPath": "v3/projects/{projectsId}/locations/{locationsId}/agents/{agentsId}/sessions/{sessionsId}:serverStreamingDetectIntent", + "httpMethod": "POST", + "id": "dialogflow.projects.locations.agents.sessions.serverStreamingDetectIntent", + "parameterOrder": [ + "session" + ], + "parameters": { + "session": { + "description": "Required. The name of the session this query is sent to. Format: `projects//locations//agents//sessions/` or `projects//locations//agents//environments//sessions/`. If `Environment ID` is not specified, we assume default 'draft' environment. It's up to the API caller to choose an appropriate `Session ID`. It can be a random number or some type of session identifiers (preferably hashed). The length of the `Session ID` must not exceed 36 characters. For more information, see the [sessions guide](https://cloud.google.com/dialogflow/cx/docs/concept/session). Note: Always use agent versions for production traffic. See [Versions and environments](https://cloud.google.com/dialogflow/cx/docs/concept/version).", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/agents/[^/]+/sessions/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+session}:serverStreamingDetectIntent", + "request": { + "$ref": "GoogleCloudDialogflowCxV3DetectIntentRequest" + }, + "response": { + "$ref": "GoogleCloudDialogflowCxV3DetectIntentResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/dialogflow" + ] + }, "submitAnswerFeedback": { "description": "Updates the feedback received from the user for a single turn of the bot response.", "flatPath": "v3/projects/{projectsId}/locations/{locationsId}/agents/{agentsId}/sessions/{sessionsId}:submitAnswerFeedback", @@ -4337,7 +4395,7 @@ } } }, - "revision": "20240102", + "revision": "20240108", "rootUrl": "https://dialogflow.googleapis.com/", "schemas": { "GoogleCloudDialogflowCxV3AdvancedSettings": { diff --git a/dialogflow/v3/dialogflow-gen.go b/dialogflow/v3/dialogflow-gen.go index ea119fb2564..bb8eaf530a8 100644 --- a/dialogflow/v3/dialogflow-gen.go +++ b/dialogflow/v3/dialogflow-gen.go @@ -28973,6 +28973,168 @@ func (c *ProjectsLocationsAgentsEnvironmentsSessionsMatchIntentCall) Do(opts ... } +// method id "dialogflow.projects.locations.agents.environments.sessions.serverStreamingDetectIntent": + +type ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall struct { + s *Service + sessionid string + googleclouddialogflowcxv3detectintentrequest *GoogleCloudDialogflowCxV3DetectIntentRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// ServerStreamingDetectIntent: Processes a natural language query and +// returns structured, actionable data as a result through server-side +// streaming. Server-side streaming allows Dialogflow to send partial +// responses +// (https://cloud.google.com/dialogflow/cx/docs/concept/fulfillment#partial-response) +// earlier in a single request. +// +// - session: The name of the session this query is sent to. Format: +// `projects//locations//agents//sessions/` or +// `projects//locations//agents//environments//sessions/`. If +// `Environment ID` is not specified, we assume default 'draft' +// environment. It's up to the API caller to choose an appropriate +// `Session ID`. It can be a random number or some type of session +// identifiers (preferably hashed). The length of the `Session ID` +// must not exceed 36 characters. For more information, see the +// sessions guide +// (https://cloud.google.com/dialogflow/cx/docs/concept/session). +// Note: Always use agent versions for production traffic. See +// Versions and environments +// (https://cloud.google.com/dialogflow/cx/docs/concept/version). +func (r *ProjectsLocationsAgentsEnvironmentsSessionsService) ServerStreamingDetectIntent(sessionid string, googleclouddialogflowcxv3detectintentrequest *GoogleCloudDialogflowCxV3DetectIntentRequest) *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall { + c := &ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.sessionid = sessionid + c.googleclouddialogflowcxv3detectintentrequest = googleclouddialogflowcxv3detectintentrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall) Fields(s ...googleapi.Field) *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall) Context(ctx context.Context) *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googleclouddialogflowcxv3detectintentrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+session}:serverStreamingDetectIntent") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "session": c.sessionid, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "dialogflow.projects.locations.agents.environments.sessions.serverStreamingDetectIntent" call. +// Exactly one of *GoogleCloudDialogflowCxV3DetectIntentResponse or +// error will be non-nil. Any non-2xx status code is an error. Response +// headers are in either +// *GoogleCloudDialogflowCxV3DetectIntentResponse.ServerResponse.Header +// or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was +// returned. +func (c *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall) Do(opts ...googleapi.CallOption) (*GoogleCloudDialogflowCxV3DetectIntentResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleCloudDialogflowCxV3DetectIntentResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Processes a natural language query and returns structured, actionable data as a result through server-side streaming. Server-side streaming allows Dialogflow to send [partial responses](https://cloud.google.com/dialogflow/cx/docs/concept/fulfillment#partial-response) earlier in a single request.", + // "flatPath": "v3/projects/{projectsId}/locations/{locationsId}/agents/{agentsId}/environments/{environmentsId}/sessions/{sessionsId}:serverStreamingDetectIntent", + // "httpMethod": "POST", + // "id": "dialogflow.projects.locations.agents.environments.sessions.serverStreamingDetectIntent", + // "parameterOrder": [ + // "session" + // ], + // "parameters": { + // "session": { + // "description": "Required. The name of the session this query is sent to. Format: `projects//locations//agents//sessions/` or `projects//locations//agents//environments//sessions/`. If `Environment ID` is not specified, we assume default 'draft' environment. It's up to the API caller to choose an appropriate `Session ID`. It can be a random number or some type of session identifiers (preferably hashed). The length of the `Session ID` must not exceed 36 characters. For more information, see the [sessions guide](https://cloud.google.com/dialogflow/cx/docs/concept/session). Note: Always use agent versions for production traffic. See [Versions and environments](https://cloud.google.com/dialogflow/cx/docs/concept/version).", + // "location": "path", + // "pattern": "^projects/[^/]+/locations/[^/]+/agents/[^/]+/environments/[^/]+/sessions/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+session}:serverStreamingDetectIntent", + // "request": { + // "$ref": "GoogleCloudDialogflowCxV3DetectIntentRequest" + // }, + // "response": { + // "$ref": "GoogleCloudDialogflowCxV3DetectIntentResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/dialogflow" + // ] + // } + +} + // method id "dialogflow.projects.locations.agents.environments.sessions.entityTypes.create": type ProjectsLocationsAgentsEnvironmentsSessionsEntityTypesCreateCall struct { @@ -36851,6 +37013,168 @@ func (c *ProjectsLocationsAgentsSessionsMatchIntentCall) Do(opts ...googleapi.Ca } +// method id "dialogflow.projects.locations.agents.sessions.serverStreamingDetectIntent": + +type ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall struct { + s *Service + sessionid string + googleclouddialogflowcxv3detectintentrequest *GoogleCloudDialogflowCxV3DetectIntentRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// ServerStreamingDetectIntent: Processes a natural language query and +// returns structured, actionable data as a result through server-side +// streaming. Server-side streaming allows Dialogflow to send partial +// responses +// (https://cloud.google.com/dialogflow/cx/docs/concept/fulfillment#partial-response) +// earlier in a single request. +// +// - session: The name of the session this query is sent to. Format: +// `projects//locations//agents//sessions/` or +// `projects//locations//agents//environments//sessions/`. If +// `Environment ID` is not specified, we assume default 'draft' +// environment. It's up to the API caller to choose an appropriate +// `Session ID`. It can be a random number or some type of session +// identifiers (preferably hashed). The length of the `Session ID` +// must not exceed 36 characters. For more information, see the +// sessions guide +// (https://cloud.google.com/dialogflow/cx/docs/concept/session). +// Note: Always use agent versions for production traffic. See +// Versions and environments +// (https://cloud.google.com/dialogflow/cx/docs/concept/version). +func (r *ProjectsLocationsAgentsSessionsService) ServerStreamingDetectIntent(sessionid string, googleclouddialogflowcxv3detectintentrequest *GoogleCloudDialogflowCxV3DetectIntentRequest) *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall { + c := &ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.sessionid = sessionid + c.googleclouddialogflowcxv3detectintentrequest = googleclouddialogflowcxv3detectintentrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall) Fields(s ...googleapi.Field) *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall) Context(ctx context.Context) *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googleclouddialogflowcxv3detectintentrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+session}:serverStreamingDetectIntent") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "session": c.sessionid, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "dialogflow.projects.locations.agents.sessions.serverStreamingDetectIntent" call. +// Exactly one of *GoogleCloudDialogflowCxV3DetectIntentResponse or +// error will be non-nil. Any non-2xx status code is an error. Response +// headers are in either +// *GoogleCloudDialogflowCxV3DetectIntentResponse.ServerResponse.Header +// or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was +// returned. +func (c *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall) Do(opts ...googleapi.CallOption) (*GoogleCloudDialogflowCxV3DetectIntentResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleCloudDialogflowCxV3DetectIntentResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Processes a natural language query and returns structured, actionable data as a result through server-side streaming. Server-side streaming allows Dialogflow to send [partial responses](https://cloud.google.com/dialogflow/cx/docs/concept/fulfillment#partial-response) earlier in a single request.", + // "flatPath": "v3/projects/{projectsId}/locations/{locationsId}/agents/{agentsId}/sessions/{sessionsId}:serverStreamingDetectIntent", + // "httpMethod": "POST", + // "id": "dialogflow.projects.locations.agents.sessions.serverStreamingDetectIntent", + // "parameterOrder": [ + // "session" + // ], + // "parameters": { + // "session": { + // "description": "Required. The name of the session this query is sent to. Format: `projects//locations//agents//sessions/` or `projects//locations//agents//environments//sessions/`. If `Environment ID` is not specified, we assume default 'draft' environment. It's up to the API caller to choose an appropriate `Session ID`. It can be a random number or some type of session identifiers (preferably hashed). The length of the `Session ID` must not exceed 36 characters. For more information, see the [sessions guide](https://cloud.google.com/dialogflow/cx/docs/concept/session). Note: Always use agent versions for production traffic. See [Versions and environments](https://cloud.google.com/dialogflow/cx/docs/concept/version).", + // "location": "path", + // "pattern": "^projects/[^/]+/locations/[^/]+/agents/[^/]+/sessions/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+session}:serverStreamingDetectIntent", + // "request": { + // "$ref": "GoogleCloudDialogflowCxV3DetectIntentRequest" + // }, + // "response": { + // "$ref": "GoogleCloudDialogflowCxV3DetectIntentResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/dialogflow" + // ] + // } + +} + // method id "dialogflow.projects.locations.agents.sessions.submitAnswerFeedback": type ProjectsLocationsAgentsSessionsSubmitAnswerFeedbackCall struct { diff --git a/dialogflow/v3beta1/dialogflow-api.json b/dialogflow/v3beta1/dialogflow-api.json index f8d92765200..7315e8e2879 100644 --- a/dialogflow/v3beta1/dialogflow-api.json +++ b/dialogflow/v3beta1/dialogflow-api.json @@ -1440,6 +1440,35 @@ "https://www.googleapis.com/auth/cloud-platform", "https://www.googleapis.com/auth/dialogflow" ] + }, + "serverStreamingDetectIntent": { + "description": "Processes a natural language query and returns structured, actionable data as a result through server-side streaming. Server-side streaming allows Dialogflow to send [partial responses](https://cloud.google.com/dialogflow/cx/docs/concept/fulfillment#partial-response) earlier in a single request.", + "flatPath": "v3beta1/projects/{projectsId}/locations/{locationsId}/agents/{agentsId}/environments/{environmentsId}/sessions/{sessionsId}:serverStreamingDetectIntent", + "httpMethod": "POST", + "id": "dialogflow.projects.locations.agents.environments.sessions.serverStreamingDetectIntent", + "parameterOrder": [ + "session" + ], + "parameters": { + "session": { + "description": "Required. The name of the session this query is sent to. Format: `projects//locations//agents//sessions/` or `projects//locations//agents//environments//sessions/`. If `Environment ID` is not specified, we assume default 'draft' environment. It's up to the API caller to choose an appropriate `Session ID`. It can be a random number or some type of session identifiers (preferably hashed). The length of the `Session ID` must not exceed 36 characters. For more information, see the [sessions guide](https://cloud.google.com/dialogflow/cx/docs/concept/session). Note: Always use agent versions for production traffic. See [Versions and environments](https://cloud.google.com/dialogflow/cx/docs/concept/version).", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/agents/[^/]+/environments/[^/]+/sessions/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3beta1/{+session}:serverStreamingDetectIntent", + "request": { + "$ref": "GoogleCloudDialogflowCxV3beta1DetectIntentRequest" + }, + "response": { + "$ref": "GoogleCloudDialogflowCxV3beta1DetectIntentResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/dialogflow" + ] } }, "resources": { @@ -3035,6 +3064,35 @@ "https://www.googleapis.com/auth/dialogflow" ] }, + "serverStreamingDetectIntent": { + "description": "Processes a natural language query and returns structured, actionable data as a result through server-side streaming. Server-side streaming allows Dialogflow to send [partial responses](https://cloud.google.com/dialogflow/cx/docs/concept/fulfillment#partial-response) earlier in a single request.", + "flatPath": "v3beta1/projects/{projectsId}/locations/{locationsId}/agents/{agentsId}/sessions/{sessionsId}:serverStreamingDetectIntent", + "httpMethod": "POST", + "id": "dialogflow.projects.locations.agents.sessions.serverStreamingDetectIntent", + "parameterOrder": [ + "session" + ], + "parameters": { + "session": { + "description": "Required. The name of the session this query is sent to. Format: `projects//locations//agents//sessions/` or `projects//locations//agents//environments//sessions/`. If `Environment ID` is not specified, we assume default 'draft' environment. It's up to the API caller to choose an appropriate `Session ID`. It can be a random number or some type of session identifiers (preferably hashed). The length of the `Session ID` must not exceed 36 characters. For more information, see the [sessions guide](https://cloud.google.com/dialogflow/cx/docs/concept/session). Note: Always use agent versions for production traffic. See [Versions and environments](https://cloud.google.com/dialogflow/cx/docs/concept/version).", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/agents/[^/]+/sessions/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3beta1/{+session}:serverStreamingDetectIntent", + "request": { + "$ref": "GoogleCloudDialogflowCxV3beta1DetectIntentRequest" + }, + "response": { + "$ref": "GoogleCloudDialogflowCxV3beta1DetectIntentResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/dialogflow" + ] + }, "submitAnswerFeedback": { "description": "Updates the feedback received from the user for a single turn of the bot response.", "flatPath": "v3beta1/projects/{projectsId}/locations/{locationsId}/agents/{agentsId}/sessions/{sessionsId}:submitAnswerFeedback", @@ -4337,7 +4395,7 @@ } } }, - "revision": "20240102", + "revision": "20240108", "rootUrl": "https://dialogflow.googleapis.com/", "schemas": { "GoogleCloudDialogflowCxV3AdvancedSettings": { diff --git a/dialogflow/v3beta1/dialogflow-gen.go b/dialogflow/v3beta1/dialogflow-gen.go index 4f8c384d938..30bab48a6a2 100644 --- a/dialogflow/v3beta1/dialogflow-gen.go +++ b/dialogflow/v3beta1/dialogflow-gen.go @@ -28991,6 +28991,168 @@ func (c *ProjectsLocationsAgentsEnvironmentsSessionsMatchIntentCall) Do(opts ... } +// method id "dialogflow.projects.locations.agents.environments.sessions.serverStreamingDetectIntent": + +type ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall struct { + s *Service + sessionid string + googleclouddialogflowcxv3beta1detectintentrequest *GoogleCloudDialogflowCxV3beta1DetectIntentRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// ServerStreamingDetectIntent: Processes a natural language query and +// returns structured, actionable data as a result through server-side +// streaming. Server-side streaming allows Dialogflow to send partial +// responses +// (https://cloud.google.com/dialogflow/cx/docs/concept/fulfillment#partial-response) +// earlier in a single request. +// +// - session: The name of the session this query is sent to. Format: +// `projects//locations//agents//sessions/` or +// `projects//locations//agents//environments//sessions/`. If +// `Environment ID` is not specified, we assume default 'draft' +// environment. It's up to the API caller to choose an appropriate +// `Session ID`. It can be a random number or some type of session +// identifiers (preferably hashed). The length of the `Session ID` +// must not exceed 36 characters. For more information, see the +// sessions guide +// (https://cloud.google.com/dialogflow/cx/docs/concept/session). +// Note: Always use agent versions for production traffic. See +// Versions and environments +// (https://cloud.google.com/dialogflow/cx/docs/concept/version). +func (r *ProjectsLocationsAgentsEnvironmentsSessionsService) ServerStreamingDetectIntent(sessionid string, googleclouddialogflowcxv3beta1detectintentrequest *GoogleCloudDialogflowCxV3beta1DetectIntentRequest) *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall { + c := &ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.sessionid = sessionid + c.googleclouddialogflowcxv3beta1detectintentrequest = googleclouddialogflowcxv3beta1detectintentrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall) Fields(s ...googleapi.Field) *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall) Context(ctx context.Context) *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googleclouddialogflowcxv3beta1detectintentrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3beta1/{+session}:serverStreamingDetectIntent") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "session": c.sessionid, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "dialogflow.projects.locations.agents.environments.sessions.serverStreamingDetectIntent" call. +// Exactly one of *GoogleCloudDialogflowCxV3beta1DetectIntentResponse or +// error will be non-nil. Any non-2xx status code is an error. Response +// headers are in either +// *GoogleCloudDialogflowCxV3beta1DetectIntentResponse.ServerResponse.Hea +// der or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was +// returned. +func (c *ProjectsLocationsAgentsEnvironmentsSessionsServerStreamingDetectIntentCall) Do(opts ...googleapi.CallOption) (*GoogleCloudDialogflowCxV3beta1DetectIntentResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleCloudDialogflowCxV3beta1DetectIntentResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Processes a natural language query and returns structured, actionable data as a result through server-side streaming. Server-side streaming allows Dialogflow to send [partial responses](https://cloud.google.com/dialogflow/cx/docs/concept/fulfillment#partial-response) earlier in a single request.", + // "flatPath": "v3beta1/projects/{projectsId}/locations/{locationsId}/agents/{agentsId}/environments/{environmentsId}/sessions/{sessionsId}:serverStreamingDetectIntent", + // "httpMethod": "POST", + // "id": "dialogflow.projects.locations.agents.environments.sessions.serverStreamingDetectIntent", + // "parameterOrder": [ + // "session" + // ], + // "parameters": { + // "session": { + // "description": "Required. The name of the session this query is sent to. Format: `projects//locations//agents//sessions/` or `projects//locations//agents//environments//sessions/`. If `Environment ID` is not specified, we assume default 'draft' environment. It's up to the API caller to choose an appropriate `Session ID`. It can be a random number or some type of session identifiers (preferably hashed). The length of the `Session ID` must not exceed 36 characters. For more information, see the [sessions guide](https://cloud.google.com/dialogflow/cx/docs/concept/session). Note: Always use agent versions for production traffic. See [Versions and environments](https://cloud.google.com/dialogflow/cx/docs/concept/version).", + // "location": "path", + // "pattern": "^projects/[^/]+/locations/[^/]+/agents/[^/]+/environments/[^/]+/sessions/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3beta1/{+session}:serverStreamingDetectIntent", + // "request": { + // "$ref": "GoogleCloudDialogflowCxV3beta1DetectIntentRequest" + // }, + // "response": { + // "$ref": "GoogleCloudDialogflowCxV3beta1DetectIntentResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/dialogflow" + // ] + // } + +} + // method id "dialogflow.projects.locations.agents.environments.sessions.entityTypes.create": type ProjectsLocationsAgentsEnvironmentsSessionsEntityTypesCreateCall struct { @@ -36883,6 +37045,168 @@ func (c *ProjectsLocationsAgentsSessionsMatchIntentCall) Do(opts ...googleapi.Ca } +// method id "dialogflow.projects.locations.agents.sessions.serverStreamingDetectIntent": + +type ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall struct { + s *Service + sessionid string + googleclouddialogflowcxv3beta1detectintentrequest *GoogleCloudDialogflowCxV3beta1DetectIntentRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// ServerStreamingDetectIntent: Processes a natural language query and +// returns structured, actionable data as a result through server-side +// streaming. Server-side streaming allows Dialogflow to send partial +// responses +// (https://cloud.google.com/dialogflow/cx/docs/concept/fulfillment#partial-response) +// earlier in a single request. +// +// - session: The name of the session this query is sent to. Format: +// `projects//locations//agents//sessions/` or +// `projects//locations//agents//environments//sessions/`. If +// `Environment ID` is not specified, we assume default 'draft' +// environment. It's up to the API caller to choose an appropriate +// `Session ID`. It can be a random number or some type of session +// identifiers (preferably hashed). The length of the `Session ID` +// must not exceed 36 characters. For more information, see the +// sessions guide +// (https://cloud.google.com/dialogflow/cx/docs/concept/session). +// Note: Always use agent versions for production traffic. See +// Versions and environments +// (https://cloud.google.com/dialogflow/cx/docs/concept/version). +func (r *ProjectsLocationsAgentsSessionsService) ServerStreamingDetectIntent(sessionid string, googleclouddialogflowcxv3beta1detectintentrequest *GoogleCloudDialogflowCxV3beta1DetectIntentRequest) *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall { + c := &ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.sessionid = sessionid + c.googleclouddialogflowcxv3beta1detectintentrequest = googleclouddialogflowcxv3beta1detectintentrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall) Fields(s ...googleapi.Field) *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall) Context(ctx context.Context) *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googleclouddialogflowcxv3beta1detectintentrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3beta1/{+session}:serverStreamingDetectIntent") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "session": c.sessionid, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "dialogflow.projects.locations.agents.sessions.serverStreamingDetectIntent" call. +// Exactly one of *GoogleCloudDialogflowCxV3beta1DetectIntentResponse or +// error will be non-nil. Any non-2xx status code is an error. Response +// headers are in either +// *GoogleCloudDialogflowCxV3beta1DetectIntentResponse.ServerResponse.Hea +// der or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was +// returned. +func (c *ProjectsLocationsAgentsSessionsServerStreamingDetectIntentCall) Do(opts ...googleapi.CallOption) (*GoogleCloudDialogflowCxV3beta1DetectIntentResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleCloudDialogflowCxV3beta1DetectIntentResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Processes a natural language query and returns structured, actionable data as a result through server-side streaming. Server-side streaming allows Dialogflow to send [partial responses](https://cloud.google.com/dialogflow/cx/docs/concept/fulfillment#partial-response) earlier in a single request.", + // "flatPath": "v3beta1/projects/{projectsId}/locations/{locationsId}/agents/{agentsId}/sessions/{sessionsId}:serverStreamingDetectIntent", + // "httpMethod": "POST", + // "id": "dialogflow.projects.locations.agents.sessions.serverStreamingDetectIntent", + // "parameterOrder": [ + // "session" + // ], + // "parameters": { + // "session": { + // "description": "Required. The name of the session this query is sent to. Format: `projects//locations//agents//sessions/` or `projects//locations//agents//environments//sessions/`. If `Environment ID` is not specified, we assume default 'draft' environment. It's up to the API caller to choose an appropriate `Session ID`. It can be a random number or some type of session identifiers (preferably hashed). The length of the `Session ID` must not exceed 36 characters. For more information, see the [sessions guide](https://cloud.google.com/dialogflow/cx/docs/concept/session). Note: Always use agent versions for production traffic. See [Versions and environments](https://cloud.google.com/dialogflow/cx/docs/concept/version).", + // "location": "path", + // "pattern": "^projects/[^/]+/locations/[^/]+/agents/[^/]+/sessions/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3beta1/{+session}:serverStreamingDetectIntent", + // "request": { + // "$ref": "GoogleCloudDialogflowCxV3beta1DetectIntentRequest" + // }, + // "response": { + // "$ref": "GoogleCloudDialogflowCxV3beta1DetectIntentResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/dialogflow" + // ] + // } + +} + // method id "dialogflow.projects.locations.agents.sessions.submitAnswerFeedback": type ProjectsLocationsAgentsSessionsSubmitAnswerFeedbackCall struct { diff --git a/domains/v1alpha2/domains-api.json b/domains/v1alpha2/domains-api.json index 653ba37e2e2..89967e4ccca 100644 --- a/domains/v1alpha2/domains-api.json +++ b/domains/v1alpha2/domains-api.json @@ -848,7 +848,7 @@ } } }, - "revision": "20231108", + "revision": "20240103", "rootUrl": "https://domains.googleapis.com/", "schemas": { "AuditConfig": { @@ -919,7 +919,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, @@ -1051,7 +1051,7 @@ "enumDescriptions": [ "The contact privacy settings are undefined.", "All the data from `ContactSettings` is publicly available. When setting this option, you must also provide a `PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT` in the `contact_notices` field of the request.", - "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) None of the data from `ContactSettings` is publicly available. Instead, proxy contact data is published for your domain. Email sent to the proxy email address is forwarded to the registrant's email address. Cloud Domains provides this privacy proxy service at no additional cost.", + "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). None of the data from `ContactSettings` is publicly available. Instead, proxy contact data is published for your domain. Email sent to the proxy email address is forwarded to the registrant's email address. Cloud Domains provides this privacy proxy service at no additional cost.", "The organization name (if provided) and limited non-identifying data from `ContactSettings` is available to the public (e.g. country and state). The remaining data is marked as `REDACTED FOR PRIVACY` in the WHOIS database. The actual information redacted depends on the domain. For details, see [the registration privacy article](https://support.google.com/domains/answer/3251242)." ], "type": "string" @@ -1106,7 +1106,7 @@ "googleDomainsDns": { "$ref": "GoogleDomainsDns", "deprecated": true, - "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The free DNS zone provided by [Google Domains](https://domains.google/)." + "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). The free DNS zone provided by [Google Domains](https://domains.google/)." } }, "type": "object" @@ -1226,7 +1226,7 @@ }, "ExportRegistrationRequest": { "deprecated": true, - "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) Request for the `ExportRegistration` method.", + "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). Request for the `ExportRegistration` method.", "id": "ExportRegistrationRequest", "properties": {}, "type": "object" @@ -1281,7 +1281,7 @@ }, "GoogleDomainsDns": { "deprecated": true, - "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) Configuration for using the free DNS zone provided by Google Domains as a `Registration`'s `dns_provider`. You cannot configure the DNS zone itself using the API. To configure the DNS zone, go to [Google Domains](https://domains.google/).", + "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). Configuration for using the free DNS zone provided by Google Domains as a `Registration`'s `dns_provider`. You cannot configure the DNS zone itself using the API. To configure the DNS zone, go to [Google Domains](https://domains.google/).", "id": "GoogleDomainsDns", "properties": { "dsRecords": { @@ -1319,7 +1319,7 @@ }, "ImportDomainRequest": { "deprecated": true, - "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) Request for the `ImportDomain` method.", + "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). Request for the `ImportDomain` method.", "id": "ImportDomainRequest", "properties": { "domainName": { @@ -1429,7 +1429,7 @@ "id": "ManagementSettings", "properties": { "preferredRenewalMethod": { - "description": "Optional. The desired renewal method for this `Registration`. The actual `renewal_method` is automatically updated to reflect this choice. If unset or equal to `RENEWAL_METHOD_UNSPECIFIED`, it will be treated as if it were set to `AUTOMATIC_RENEWAL`. Can't be set to `RENEWAL_DISABLED` during resource creation and can only be updated when the `Registration` resource has state `ACTIVE` or `SUSPENDED`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be set to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours.", + "description": "Optional. The desired renewal method for this `Registration`. The actual `renewal_method` is automatically updated to reflect this choice. If unset or equal to `RENEWAL_METHOD_UNSPECIFIED`, the actual `renewalMethod` is treated as if it were set to `AUTOMATIC_RENEWAL`. You cannot use `RENEWAL_DISABLED` during resource creation, and you can update the renewal status only when the `Registration` resource has state `ACTIVE` or `SUSPENDED`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL`, the actual `renewal_method` can be set to `RENEWAL_DISABLED` in case of problems with the billing account or reported domain abuse. In such cases, check the `issues` field on the `Registration`. After the problem is resolved, the `renewal_method` is automatically updated to `preferred_renewal_method` in a few hours.", "enum": [ "RENEWAL_METHOD_UNSPECIFIED", "AUTOMATIC_RENEWAL", @@ -1445,13 +1445,13 @@ "enumDescriptions": [ "The renewal method is undefined.", "The domain is automatically renewed each year.", - "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) This option was never used. Use RENEWAL_DISABLED instead.", + "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). This option was never used. Use `RENEWAL_DISABLED` instead.", "The domain won't be renewed and will expire at its expiration time." ], "type": "string" }, "renewalMethod": { - "description": "Output only. The actual renewal method for this `Registration`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be equal to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours.", + "description": "Output only. The actual renewal method for this `Registration`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL`, the actual `renewal_method` can be equal to `RENEWAL_DISABLED`—for example, when there are problems with the billing account or reported domain abuse. In such cases, check the `issues` field on the `Registration`. After the problem is resolved, the `renewal_method` is automatically updated to `preferred_renewal_method` in a few hours.", "enum": [ "RENEWAL_METHOD_UNSPECIFIED", "AUTOMATIC_RENEWAL", @@ -1467,7 +1467,7 @@ "enumDescriptions": [ "The renewal method is undefined.", "The domain is automatically renewed each year.", - "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) This option was never used. Use RENEWAL_DISABLED instead.", + "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). This option was never used. Use `RENEWAL_DISABLED` instead.", "The domain won't be renewed and will expire at its expiration time." ], "readOnly": true, @@ -1776,7 +1776,7 @@ "enumDescriptions": [ "The contact privacy settings are undefined.", "All the data from `ContactSettings` is publicly available. When setting this option, you must also provide a `PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT` in the `contact_notices` field of the request.", - "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) None of the data from `ContactSettings` is publicly available. Instead, proxy contact data is published for your domain. Email sent to the proxy email address is forwarded to the registrant's email address. Cloud Domains provides this privacy proxy service at no additional cost.", + "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). None of the data from `ContactSettings` is publicly available. Instead, proxy contact data is published for your domain. Email sent to the proxy email address is forwarded to the registrant's email address. Cloud Domains provides this privacy proxy service at no additional cost.", "The organization name (if provided) and limited non-identifying data from `ContactSettings` is available to the public (e.g. country and state). The remaining data is marked as `REDACTED FOR PRIVACY` in the WHOIS database. The actual information redacted depends on the domain. For details, see [the registration privacy article](https://support.google.com/domains/answer/3251242)." ], "type": "string" @@ -1831,7 +1831,7 @@ "The issue is undefined.", "Contact the Cloud Support team to resolve a problem with this domain.", "[ICANN](https://icann.org/) requires verification of the email address in the `Registration`'s `contact_settings.registrant_contact` field. To verify the email address, follow the instructions in the email the `registrant_contact` receives following registration. If you do not complete email verification within 15 days of registration, the domain is suspended. To resend the verification email, call ConfigureContactSettings and provide the current `registrant_contact.email`.", - "Billing account is not in good standing. The domain will not automatically renew at its expiration time unless you resolve problems with your billing account." + "The billing account is not in good standing. The domain is not automatically renewed at its expiration time unless you resolve problems with your billing account." ], "type": "string" }, @@ -1909,7 +1909,7 @@ "The domain is being transferred from another registrar to Cloud Domains.", "The attempt to transfer the domain from another registrar to Cloud Domains failed. You can delete resources in this state and retry the transfer.", "The domain is being imported from Google Domains to Cloud Domains.", - "The domain is registered and operational. The domain renews automatically as long as it remains in this state and the RenewalMethod is set to AUTOMATIC_RENEWAL.", + "The domain is registered and operational. The domain renews automatically as long as it remains in this state and the `RenewalMethod` is set to `AUTOMATIC_RENEWAL`.", "The domain is suspended and inoperative. For more details, see the `issues` field.", "The domain is no longer managed with Cloud Domains. It may have been transferred to another registrar or exported for management in [Google Domains](https://domains.google/). You can no longer update it with this API, and information shown about it may be stale. Domains in this state are not automatically renewed by Cloud Domains.", "The domain is expired." @@ -1935,7 +1935,7 @@ "enumDescriptions": [ "The contact privacy settings are undefined.", "All the data from `ContactSettings` is publicly available. When setting this option, you must also provide a `PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT` in the `contact_notices` field of the request.", - "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) None of the data from `ContactSettings` is publicly available. Instead, proxy contact data is published for your domain. Email sent to the proxy email address is forwarded to the registrant's email address. Cloud Domains provides this privacy proxy service at no additional cost.", + "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). None of the data from `ContactSettings` is publicly available. Instead, proxy contact data is published for your domain. Email sent to the proxy email address is forwarded to the registrant's email address. Cloud Domains provides this privacy proxy service at no additional cost.", "The organization name (if provided) and limited non-identifying data from `ContactSettings` is available to the public (e.g. country and state). The remaining data is marked as `REDACTED FOR PRIVACY` in the WHOIS database. The actual information redacted depends on the domain. For details, see [the registration privacy article](https://support.google.com/domains/answer/3251242)." ], "type": "string" @@ -1945,7 +1945,7 @@ }, "transferFailureReason": { "deprecated": true, - "description": "Output only. Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The reason the domain transfer failed. Only set for domains in TRANSFER_FAILED state.", + "description": "Output only. Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). The reason the domain transfer failed. Only set for domains in TRANSFER_FAILED state.", "enum": [ "TRANSFER_FAILURE_REASON_UNSPECIFIED", "TRANSFER_FAILURE_REASON_UNKNOWN", @@ -1986,7 +1986,7 @@ }, "RetrieveImportableDomainsResponse": { "deprecated": true, - "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) Response for the `RetrieveImportableDomains` method.", + "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). Response for the `RetrieveImportableDomains` method.", "id": "RetrieveImportableDomainsResponse", "properties": { "domains": { @@ -2016,7 +2016,7 @@ }, "RetrieveTransferParametersResponse": { "deprecated": true, - "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) Response for the `RetrieveTransferParameters` method.", + "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). Response for the `RetrieveTransferParameters` method.", "id": "RetrieveTransferParametersResponse", "properties": { "transferParameters": { @@ -2113,7 +2113,7 @@ }, "TransferDomainRequest": { "deprecated": true, - "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) Request for the `TransferDomain` method.", + "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). Request for the `TransferDomain` method.", "id": "TransferDomainRequest", "properties": { "authorizationCode": { @@ -2152,7 +2152,7 @@ }, "TransferParameters": { "deprecated": true, - "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) Parameters required to transfer a domain from another registrar.", + "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). Parameters required to transfer a domain from another registrar.", "id": "TransferParameters", "properties": { "currentRegistrar": { @@ -2192,7 +2192,7 @@ "enumDescriptions": [ "The contact privacy settings are undefined.", "All the data from `ContactSettings` is publicly available. When setting this option, you must also provide a `PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT` in the `contact_notices` field of the request.", - "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) None of the data from `ContactSettings` is publicly available. Instead, proxy contact data is published for your domain. Email sent to the proxy email address is forwarded to the registrant's email address. Cloud Domains provides this privacy proxy service at no additional cost.", + "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). None of the data from `ContactSettings` is publicly available. Instead, proxy contact data is published for your domain. Email sent to the proxy email address is forwarded to the registrant's email address. Cloud Domains provides this privacy proxy service at no additional cost.", "The organization name (if provided) and limited non-identifying data from `ContactSettings` is available to the public (e.g. country and state). The remaining data is marked as `REDACTED FOR PRIVACY` in the WHOIS database. The actual information redacted depends on the domain. For details, see [the registration privacy article](https://support.google.com/domains/answer/3251242)." ], "type": "string" diff --git a/domains/v1alpha2/domains-gen.go b/domains/v1alpha2/domains-gen.go index f3db7241486..2472df5bab5 100644 --- a/domains/v1alpha2/domains-gen.go +++ b/domains/v1alpha2/domains-gen.go @@ -362,11 +362,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -378,7 +401,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. @@ -600,7 +628,7 @@ type ContactSettings struct { // "PRIVATE_CONTACT_DATA" - Deprecated: For more information, see // [Cloud Domains feature // deprecation](https://cloud.google.com/domains/docs/deprecations/featur - // e-deprecations) None of the data from `ContactSettings` is publicly + // e-deprecations). None of the data from `ContactSettings` is publicly // available. Instead, proxy contact data is published for your domain. // Email sent to the proxy email address is forwarded to the // registrant's email address. Cloud Domains provides this privacy proxy @@ -695,7 +723,7 @@ type DnsSettings struct { // GoogleDomainsDns: Deprecated: For more information, see Cloud Domains // feature deprecation - // (https://cloud.google.com/domains/docs/deprecations/feature-deprecations) + // (https://cloud.google.com/domains/docs/deprecations/feature-deprecations). // The free DNS zone provided by Google Domains // (https://domains.google/). GoogleDomainsDns *GoogleDomainsDns `json:"googleDomainsDns,omitempty"` @@ -851,7 +879,7 @@ func (s *DsRecord) MarshalJSON() ([]byte, error) { // ExportRegistrationRequest: Deprecated: For more information, see // Cloud Domains feature deprecation -// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations) +// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations). // Request for the `ExportRegistration` method. type ExportRegistrationRequest struct { } @@ -961,7 +989,7 @@ func (s *GlueRecord) MarshalJSON() ([]byte, error) { // GoogleDomainsDns: Deprecated: For more information, see Cloud Domains // feature deprecation -// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations) +// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations). // Configuration for using the free DNS zone provided by Google Domains // as a `Registration`'s `dns_provider`. You cannot configure the DNS // zone itself using the API. To configure the DNS zone, go to Google @@ -1017,7 +1045,7 @@ func (s *GoogleDomainsDns) MarshalJSON() ([]byte, error) { // ImportDomainRequest: Deprecated: For more information, see Cloud // Domains feature deprecation -// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations) +// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations). // Request for the `ImportDomain` method. type ImportDomainRequest struct { // DomainName: Required. The domain name. Unicode domain names must be @@ -1218,16 +1246,17 @@ type ManagementSettings struct { // PreferredRenewalMethod: Optional. The desired renewal method for this // `Registration`. The actual `renewal_method` is automatically updated // to reflect this choice. If unset or equal to - // `RENEWAL_METHOD_UNSPECIFIED`, it will be treated as if it were set to - // `AUTOMATIC_RENEWAL`. Can't be set to `RENEWAL_DISABLED` during - // resource creation and can only be updated when the `Registration` - // resource has state `ACTIVE` or `SUSPENDED`. When - // `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual - // `renewal_method` can be set to `RENEWAL_DISABLED` in case of e.g. - // problems with the Billing Account or reported domain abuse. In such - // cases check the `issues` field on the `Registration`. After the - // problem is resolved the `renewal_method` will be automatically - // updated to `preferred_renewal_method` in a few hours. + // `RENEWAL_METHOD_UNSPECIFIED`, the actual `renewalMethod` is treated + // as if it were set to `AUTOMATIC_RENEWAL`. You cannot use + // `RENEWAL_DISABLED` during resource creation, and you can update the + // renewal status only when the `Registration` resource has state + // `ACTIVE` or `SUSPENDED`. When `preferred_renewal_method` is set to + // `AUTOMATIC_RENEWAL`, the actual `renewal_method` can be set to + // `RENEWAL_DISABLED` in case of problems with the billing account or + // reported domain abuse. In such cases, check the `issues` field on the + // `Registration`. After the problem is resolved, the `renewal_method` + // is automatically updated to `preferred_renewal_method` in a few + // hours. // // Possible values: // "RENEWAL_METHOD_UNSPECIFIED" - The renewal method is undefined. @@ -1236,7 +1265,7 @@ type ManagementSettings struct { // "MANUAL_RENEWAL" - Deprecated: For more information, see [Cloud // Domains feature // deprecation](https://cloud.google.com/domains/docs/deprecations/featur - // e-deprecations) This option was never used. Use RENEWAL_DISABLED + // e-deprecations). This option was never used. Use `RENEWAL_DISABLED` // instead. // "RENEWAL_DISABLED" - The domain won't be renewed and will expire at // its expiration time. @@ -1244,11 +1273,11 @@ type ManagementSettings struct { // RenewalMethod: Output only. The actual renewal method for this // `Registration`. When `preferred_renewal_method` is set to - // `AUTOMATIC_RENEWAL` the actual `renewal_method` can be equal to - // `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account - // or reported domain abuse. In such cases check the `issues` field on - // the `Registration`. After the problem is resolved the - // `renewal_method` will be automatically updated to + // `AUTOMATIC_RENEWAL`, the actual `renewal_method` can be equal to + // `RENEWAL_DISABLED`—for example, when there are problems with the + // billing account or reported domain abuse. In such cases, check the + // `issues` field on the `Registration`. After the problem is resolved, + // the `renewal_method` is automatically updated to // `preferred_renewal_method` in a few hours. // // Possible values: @@ -1258,7 +1287,7 @@ type ManagementSettings struct { // "MANUAL_RENEWAL" - Deprecated: For more information, see [Cloud // Domains feature // deprecation](https://cloud.google.com/domains/docs/deprecations/featur - // e-deprecations) This option was never used. Use RENEWAL_DISABLED + // e-deprecations). This option was never used. Use `RENEWAL_DISABLED` // instead. // "RENEWAL_DISABLED" - The domain won't be renewed and will expire at // its expiration time. @@ -1787,7 +1816,7 @@ type RegisterParameters struct { // "PRIVATE_CONTACT_DATA" - Deprecated: For more information, see // [Cloud Domains feature // deprecation](https://cloud.google.com/domains/docs/deprecations/featur - // e-deprecations) None of the data from `ContactSettings` is publicly + // e-deprecations). None of the data from `ContactSettings` is publicly // available. Instead, proxy contact data is published for your domain. // Email sent to the proxy email address is forwarded to the // registrant's email address. Cloud Domains provides this privacy proxy @@ -1891,9 +1920,9 @@ type Registration struct { // domain is suspended. To resend the verification email, call // ConfigureContactSettings and provide the current // `registrant_contact.email`. - // "PROBLEM_WITH_BILLING" - Billing account is not in good standing. - // The domain will not automatically renew at its expiration time unless - // you resolve problems with your billing account. + // "PROBLEM_WITH_BILLING" - The billing account is not in good + // standing. The domain is not automatically renewed at its expiration + // time unless you resolve problems with your billing account. Issues []string `json:"issues,omitempty"` // Labels: Set of labels associated with the `Registration`. @@ -1949,7 +1978,7 @@ type Registration struct { // to Cloud Domains. // "ACTIVE" - The domain is registered and operational. The domain // renews automatically as long as it remains in this state and the - // RenewalMethod is set to AUTOMATIC_RENEWAL. + // `RenewalMethod` is set to `AUTOMATIC_RENEWAL`. // "SUSPENDED" - The domain is suspended and inoperative. For more // details, see the `issues` field. // "EXPORTED" - The domain is no longer managed with Cloud Domains. It @@ -1974,7 +2003,7 @@ type Registration struct { // "PRIVATE_CONTACT_DATA" - Deprecated: For more information, see // [Cloud Domains feature // deprecation](https://cloud.google.com/domains/docs/deprecations/featur - // e-deprecations) None of the data from `ContactSettings` is publicly + // e-deprecations). None of the data from `ContactSettings` is publicly // available. Instead, proxy contact data is published for your domain. // Email sent to the proxy email address is forwarded to the // registrant's email address. Cloud Domains provides this privacy proxy @@ -1989,7 +2018,7 @@ type Registration struct { // TransferFailureReason: Output only. Deprecated: For more information, // see Cloud Domains feature deprecation - // (https://cloud.google.com/domains/docs/deprecations/feature-deprecations) + // (https://cloud.google.com/domains/docs/deprecations/feature-deprecations). // The reason the domain transfer failed. Only set for domains in // TRANSFER_FAILED state. // @@ -2054,7 +2083,7 @@ type ResetAuthorizationCodeRequest struct { // RetrieveImportableDomainsResponse: Deprecated: For more information, // see Cloud Domains feature deprecation -// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations) +// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations). // Response for the `RetrieveImportableDomains` method. type RetrieveImportableDomainsResponse struct { // Domains: A list of domains that the calling user manages in Google @@ -2130,7 +2159,7 @@ func (s *RetrieveRegisterParametersResponse) MarshalJSON() ([]byte, error) { // RetrieveTransferParametersResponse: Deprecated: For more information, // see Cloud Domains feature deprecation -// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations) +// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations). // Response for the `RetrieveTransferParameters` method. type RetrieveTransferParametersResponse struct { // TransferParameters: Parameters to use when calling the @@ -2347,7 +2376,7 @@ func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) { // TransferDomainRequest: Deprecated: For more information, see Cloud // Domains feature deprecation -// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations) +// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations). // Request for the `TransferDomain` method. type TransferDomainRequest struct { // AuthorizationCode: The domain's transfer authorization code. You can @@ -2408,7 +2437,7 @@ func (s *TransferDomainRequest) MarshalJSON() ([]byte, error) { // TransferParameters: Deprecated: For more information, see Cloud // Domains feature deprecation -// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations) +// (https://cloud.google.com/domains/docs/deprecations/feature-deprecations). // Parameters required to transfer a domain from another registrar. type TransferParameters struct { // CurrentRegistrar: The registrar that currently manages the domain. @@ -2438,7 +2467,7 @@ type TransferParameters struct { // "PRIVATE_CONTACT_DATA" - Deprecated: For more information, see // [Cloud Domains feature // deprecation](https://cloud.google.com/domains/docs/deprecations/featur - // e-deprecations) None of the data from `ContactSettings` is publicly + // e-deprecations). None of the data from `ContactSettings` is publicly // available. Instead, proxy contact data is published for your domain. // Email sent to the proxy email address is forwarded to the // registrant's email address. Cloud Domains provides this privacy proxy diff --git a/gkebackup/v1/gkebackup-api.json b/gkebackup/v1/gkebackup-api.json index dfcd94512ad..2c6b7db17f0 100644 --- a/gkebackup/v1/gkebackup-api.json +++ b/gkebackup/v1/gkebackup-api.json @@ -1688,7 +1688,7 @@ } } }, - "revision": "20231208", + "revision": "20240101", "rootUrl": "https://gkebackup.googleapis.com/", "schemas": { "AuditConfig": { @@ -2047,7 +2047,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/gkebackup/v1/gkebackup-gen.go b/gkebackup/v1/gkebackup-gen.go index e02011dfb62..c085618b209 100644 --- a/gkebackup/v1/gkebackup-gen.go +++ b/gkebackup/v1/gkebackup-gen.go @@ -727,11 +727,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -743,7 +766,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/iap/v1/iap-gen.go b/iap/v1/iap-gen.go index a602f467cde..3b156765e63 100644 --- a/iap/v1/iap-gen.go +++ b/iap/v1/iap-gen.go @@ -90,7 +90,9 @@ const apiId = "iap:v1" const apiName = "iap" const apiVersion = "v1" const basePath = "https://iap.googleapis.com/" +const basePathTemplate = "https://iap.UNIVERSE_DOMAIN/" const mtlsBasePath = "https://iap.mtls.googleapis.com/" +const defaultUniverseDomain = "googleapis.com" // OAuth2 scopes used by this API. const ( @@ -107,7 +109,9 @@ func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, err // NOTE: prepend, so we don't override user-specified scopes. opts = append([]option.ClientOption{scopesOption}, opts...) opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) + opts = append(opts, internaloption.WithDefaultEndpointTemplate(basePathTemplate)) opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) + opts = append(opts, internaloption.WithDefaultUniverseDomain(defaultUniverseDomain)) client, endpoint, err := htransport.NewClient(ctx, opts...) if err != nil { return nil, err diff --git a/identitytoolkit/v2/identitytoolkit-api.json b/identitytoolkit/v2/identitytoolkit-api.json index c109a49f3ec..3134143f665 100644 --- a/identitytoolkit/v2/identitytoolkit-api.json +++ b/identitytoolkit/v2/identitytoolkit-api.json @@ -1655,7 +1655,7 @@ } } }, - "revision": "20231027", + "revision": "20240103", "rootUrl": "https://identitytoolkit.googleapis.com/", "schemas": { "GoogleCloudIdentitytoolkitAdminV2AllowByDefault": { @@ -2934,7 +2934,7 @@ "type": "string" }, "startTime": { - "description": "When this quota will take affect", + "description": "When this quota will take effect", "format": "google-datetime", "type": "string" } @@ -3659,7 +3659,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/identitytoolkit/v2/identitytoolkit-gen.go b/identitytoolkit/v2/identitytoolkit-gen.go index 1163b41bc88..2144f76dafa 100644 --- a/identitytoolkit/v2/identitytoolkit-gen.go +++ b/identitytoolkit/v2/identitytoolkit-gen.go @@ -2506,7 +2506,7 @@ type GoogleCloudIdentitytoolkitAdminV2TemporaryQuota struct { // QuotaDuration: How long this quota will be active for QuotaDuration string `json:"quotaDuration,omitempty"` - // StartTime: When this quota will take affect + // StartTime: When this quota will take effect StartTime string `json:"startTime,omitempty"` // ForceSendFields is a list of field names (e.g. "Quota") to @@ -3824,11 +3824,34 @@ type GoogleIamV1Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -3840,7 +3863,12 @@ type GoogleIamV1Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/migrationcenter/v1alpha1/migrationcenter-api.json b/migrationcenter/v1alpha1/migrationcenter-api.json index dae99dbec1e..d1397f29a8f 100644 --- a/migrationcenter/v1alpha1/migrationcenter-api.json +++ b/migrationcenter/v1alpha1/migrationcenter-api.json @@ -2107,7 +2107,7 @@ } } }, - "revision": "20231208", + "revision": "20240104", "rootUrl": "https://migrationcenter.googleapis.com/", "schemas": { "AddAssetsToGroupRequest": { @@ -4776,7 +4776,7 @@ "properties": { "allAssetsStats": { "$ref": "ReportSummaryAssetAggregateStats", - "description": "Aggregate statistics for all the assets across all the groups." + "description": "Aggregate statistics for unique assets across all the groups." }, "groupFindings": { "description": "Findings for each Group included in this report.", @@ -4816,7 +4816,7 @@ }, "operatingSystem": { "$ref": "ReportSummaryChartData", - "description": "Count of assets grouped by Operating System families." + "description": "Count of assets grouped by Operating System families. Only present for virtual machines." }, "storageBytesHistogram": { "$ref": "ReportSummaryHistogramChartData", @@ -4893,11 +4893,11 @@ "description": "Summary statistics for all the assets in this group." }, "description": { - "description": "Description for the Group.", + "description": "Description for this group finding.", "type": "string" }, "displayName": { - "description": "Display Name for the Group.", + "description": "Display Name for this group finding.", "type": "string" }, "overlappingAssetCount": { @@ -4930,7 +4930,8 @@ }, "machineFinding": { "$ref": "ReportSummaryMachineFinding", - "description": "A set of findings that applies to all machines in the input." + "description": "Output only. A set of findings that applies to all virtual machines in the input. Only present for virtual machines.", + "readOnly": true }, "machinePreferences": { "$ref": "VirtualMachinePreferences", @@ -4942,11 +4943,11 @@ }, "monthlyCostNetworkEgress": { "$ref": "Money", - "description": "Network Egress monthly cost for this preference set." + "description": "Network Egress monthly cost for this preference set. Only present for virtual machines." }, "monthlyCostOsLicense": { "$ref": "Money", - "description": "Licensing monthly cost for this preference set." + "description": "Operating system licensing monthly cost for this preference set. Only present for virtual machines." }, "monthlyCostOther": { "$ref": "Money", @@ -4972,7 +4973,7 @@ }, "soleTenantFinding": { "$ref": "ReportSummarySoleTenantFinding", - "description": "A set of findings that applies to Stole-Tenant machines in the input." + "description": "A set of findings that applies to Stole-Tenant machines in the input. Only present for virtual machines." }, "topPriority": { "deprecated": true, @@ -4981,7 +4982,7 @@ }, "vmwareEngineFinding": { "$ref": "ReportSummaryVMWareEngineFinding", - "description": "A set of findings that applies to VMWare machines in the input." + "description": "A set of findings that applies to VMWare machines in the input. Only present for virtual machines." } }, "type": "object" diff --git a/migrationcenter/v1alpha1/migrationcenter-gen.go b/migrationcenter/v1alpha1/migrationcenter-gen.go index ac7d825b120..0fe311d4d8b 100644 --- a/migrationcenter/v1alpha1/migrationcenter-gen.go +++ b/migrationcenter/v1alpha1/migrationcenter-gen.go @@ -4596,8 +4596,8 @@ func (s *ReportConfigGroupPreferenceSetAssignment) MarshalJSON() ([]byte, error) // aggregated values for all the groups and preference sets included in // this Report. type ReportSummary struct { - // AllAssetsStats: Aggregate statistics for all the assets across all - // the groups. + // AllAssetsStats: Aggregate statistics for unique assets across all the + // groups. AllAssetsStats *ReportSummaryAssetAggregateStats `json:"allAssetsStats,omitempty"` // GroupFindings: Findings for each Group included in this report. @@ -4648,7 +4648,7 @@ type ReportSummaryAssetAggregateStats struct { MemoryUtilizationChart *ReportSummaryUtilizationChartData `json:"memoryUtilizationChart,omitempty"` // OperatingSystem: Count of assets grouped by Operating System - // families. + // families. Only present for virtual machines. OperatingSystem *ReportSummaryChartData `json:"operatingSystem,omitempty"` // StorageBytesHistogram: Histogram showing a distribution of storage @@ -4782,10 +4782,10 @@ type ReportSummaryGroupFinding struct { // group. AssetAggregateStats *ReportSummaryAssetAggregateStats `json:"assetAggregateStats,omitempty"` - // Description: Description for the Group. + // Description: Description for this group finding. Description string `json:"description,omitempty"` - // DisplayName: Display Name for the Group. + // DisplayName: Display Name for this group finding. DisplayName string `json:"displayName,omitempty"` // OverlappingAssetCount: This field is deprecated, do not rely on it @@ -4829,8 +4829,8 @@ type ReportSummaryGroupPreferenceSetFinding struct { // DisplayName: Display Name of the Preference Set DisplayName string `json:"displayName,omitempty"` - // MachineFinding: A set of findings that applies to all machines in the - // input. + // MachineFinding: Output only. A set of findings that applies to all + // virtual machines in the input. Only present for virtual machines. MachineFinding *ReportSummaryMachineFinding `json:"machineFinding,omitempty"` // MachinePreferences: A set of preferences that applies to all machines @@ -4841,10 +4841,11 @@ type ReportSummaryGroupPreferenceSetFinding struct { MonthlyCostCompute *Money `json:"monthlyCostCompute,omitempty"` // MonthlyCostNetworkEgress: Network Egress monthly cost for this - // preference set. + // preference set. Only present for virtual machines. MonthlyCostNetworkEgress *Money `json:"monthlyCostNetworkEgress,omitempty"` - // MonthlyCostOsLicense: Licensing monthly cost for this preference set. + // MonthlyCostOsLicense: Operating system licensing monthly cost for + // this preference set. Only present for virtual machines. MonthlyCostOsLicense *Money `json:"monthlyCostOsLicense,omitempty"` // MonthlyCostOther: Miscellaneous monthly cost for this preference set. @@ -4864,7 +4865,7 @@ type ReportSummaryGroupPreferenceSetFinding struct { PricingTrack string `json:"pricingTrack,omitempty"` // SoleTenantFinding: A set of findings that applies to Stole-Tenant - // machines in the input. + // machines in the input. Only present for virtual machines. SoleTenantFinding *ReportSummarySoleTenantFinding `json:"soleTenantFinding,omitempty"` // TopPriority: Text describing the business priority specified for this @@ -4872,7 +4873,7 @@ type ReportSummaryGroupPreferenceSetFinding struct { TopPriority string `json:"topPriority,omitempty"` // VmwareEngineFinding: A set of findings that applies to VMWare - // machines in the input. + // machines in the input. Only present for virtual machines. VmwareEngineFinding *ReportSummaryVMWareEngineFinding `json:"vmwareEngineFinding,omitempty"` // ForceSendFields is a list of field names (e.g. "Description") to diff --git a/ml/v1/ml-gen.go b/ml/v1/ml-gen.go index e8bd3a29fe4..b25a1939ed5 100644 --- a/ml/v1/ml-gen.go +++ b/ml/v1/ml-gen.go @@ -95,7 +95,9 @@ const apiId = "ml:v1" const apiName = "ml" const apiVersion = "v1" const basePath = "https://ml.googleapis.com/" +const basePathTemplate = "https://ml.UNIVERSE_DOMAIN/" const mtlsBasePath = "https://ml.mtls.googleapis.com/" +const defaultUniverseDomain = "googleapis.com" // OAuth2 scopes used by this API. const ( @@ -117,7 +119,9 @@ func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, err // NOTE: prepend, so we don't override user-specified scopes. opts = append([]option.ClientOption{scopesOption}, opts...) opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) + opts = append(opts, internaloption.WithDefaultEndpointTemplate(basePathTemplate)) opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) + opts = append(opts, internaloption.WithDefaultUniverseDomain(defaultUniverseDomain)) client, endpoint, err := htransport.NewClient(ctx, opts...) if err != nil { return nil, err diff --git a/monitoring/v1/monitoring-api.json b/monitoring/v1/monitoring-api.json index 495f418c92c..11fd7e297a3 100644 --- a/monitoring/v1/monitoring-api.json +++ b/monitoring/v1/monitoring-api.json @@ -753,7 +753,7 @@ } } }, - "revision": "20231212", + "revision": "20240109", "rootUrl": "https://monitoring.googleapis.com/", "schemas": { "Aggregation": { @@ -1195,19 +1195,19 @@ "type": "object" }, "Dimension": { - "description": "Preview: A chart dimension for an SQL query. This is applied over the x-axis. This is a preview feature and may be subject to change before final release.", + "description": "A chart dimension. Dimensions are a structured labewl, class, or category for a set of measurements in your data.", "id": "Dimension", "properties": { "column": { - "description": "Required. The name of the column in the source SQL query that is used to chart the dimension.", + "description": "The name of the column in the source SQL query that is used to chart the dimension.", "type": "string" }, "columnType": { - "description": "Optional. The type of the dimension column. This is relevant only if one of the bin_size fields is set. If it is empty, the type TIMESTAMP or INT64 will be assumed based on which bin_size field is set. If populated, this should be set to one of the following types: DATE, TIME, DATETIME, TIMESTAMP, BIGNUMERIC, INT64, NUMERIC, FLOAT64.", + "description": "The type of the dimension column. This is relevant only if one of the bin_size fields is set. If it is empty, the type TIMESTAMP or INT64 will be assumed based on which bin_size field is set. If populated, this should be set to one of the following types: DATE, TIME, DATETIME, TIMESTAMP, BIGNUMERIC, INT64, NUMERIC, FLOAT64.", "type": "string" }, "floatBinSize": { - "description": "Optional. float_bin_size is used when the column type used for a dimension is a floating point numeric column.", + "description": "float_bin_size is used when the column type used for a dimension is a floating point numeric column.", "format": "double", "type": "number" }, @@ -1242,7 +1242,7 @@ "type": "string" }, "timeBinSize": { - "description": "time_bin_size is used when the data type specified by column is a time type and the bin size is determined by a time duration. If column_type is DATE, this must be a whole value multiple of 1 day. If column_type is TIME, this must be less than or equal to 24 hours.", + "description": "time_bin_size is used when the data type specified by column is a time type and the bin size is determined by a time duration.", "format": "google-duration", "type": "string" } @@ -1555,15 +1555,15 @@ "type": "object" }, "Measure": { - "description": "Preview: A chart measure for an SQL query. This is applied over the y-axis. This is a preview feature and may be subject to change before final release.", + "description": "A chart measure. Measures represent a measured property in your chart data such as rainfall in inches, number of units sold, revenue gained, etc.", "id": "Measure", "properties": { "aggregationFunction": { "$ref": "AggregationFunction", - "description": "Required. The aggregation function applied to the input column. This must not be set to \"none\" unless binning is disabled on the dimension. The aggregation function is used to group points on the dimension bins." + "description": "The aggregation function applied to the input column. This must not be set to \"none\" unless binning is disabled on the dimension. The aggregation function is used to group points on the dimension bins." }, "column": { - "description": "Required. The column name within in the dataset used for the measure.", + "description": "The column name within the dataset used for the measure.", "type": "string" } }, @@ -1857,6 +1857,20 @@ "description": "Groups a time series query definition.", "id": "PieChartDataSet", "properties": { + "dimensions": { + "description": "A dimension is a structured label, class, or category for a set of measurements in your data.", + "items": { + "$ref": "Dimension" + }, + "type": "array" + }, + "measures": { + "description": "A measure is a measured value of a property in your data. For example, rainfall in inches, number of units sold, revenue gained, etc.", + "items": { + "$ref": "Measure" + }, + "type": "array" + }, "minAlignmentPeriod": { "description": "Optional. The lower bound on data point frequency for this data set, implemented by specifying the minimum alignment period to use in a time series query. For example, if the data is published once every 10 minutes, the min_alignment_period should be at least 10 minutes. It would not make sense to fetch and align data at one minute intervals.", "format": "google-duration", diff --git a/monitoring/v1/monitoring-gen.go b/monitoring/v1/monitoring-gen.go index 046450aeb8e..4876ec7757e 100644 --- a/monitoring/v1/monitoring-gen.go +++ b/monitoring/v1/monitoring-gen.go @@ -1130,24 +1130,22 @@ func (s *DataSet) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// Dimension: Preview: A chart dimension for an SQL query. This is -// applied over the x-axis. This is a preview feature and may be subject -// to change before final release. +// Dimension: A chart dimension. Dimensions are a structured labewl, +// class, or category for a set of measurements in your data. type Dimension struct { - // Column: Required. The name of the column in the source SQL query that - // is used to chart the dimension. + // Column: The name of the column in the source SQL query that is used + // to chart the dimension. Column string `json:"column,omitempty"` - // ColumnType: Optional. The type of the dimension column. This is - // relevant only if one of the bin_size fields is set. If it is empty, - // the type TIMESTAMP or INT64 will be assumed based on which bin_size - // field is set. If populated, this should be set to one of the - // following types: DATE, TIME, DATETIME, TIMESTAMP, BIGNUMERIC, INT64, - // NUMERIC, FLOAT64. + // ColumnType: The type of the dimension column. This is relevant only + // if one of the bin_size fields is set. If it is empty, the type + // TIMESTAMP or INT64 will be assumed based on which bin_size field is + // set. If populated, this should be set to one of the following types: + // DATE, TIME, DATETIME, TIMESTAMP, BIGNUMERIC, INT64, NUMERIC, FLOAT64. ColumnType string `json:"columnType,omitempty"` - // FloatBinSize: Optional. float_bin_size is used when the column type - // used for a dimension is a floating point numeric column. + // FloatBinSize: float_bin_size is used when the column type used for a + // dimension is a floating point numeric column. FloatBinSize float64 `json:"floatBinSize,omitempty"` // MaxBinCount: A limit to the number of bins generated. When 0 is @@ -1178,9 +1176,7 @@ type Dimension struct { // TimeBinSize: time_bin_size is used when the data type specified by // column is a time type and the bin size is determined by a time - // duration. If column_type is DATE, this must be a whole value multiple - // of 1 day. If column_type is TIME, this must be less than or equal to - // 24 hours. + // duration. TimeBinSize string `json:"timeBinSize,omitempty"` // ForceSendFields is a list of field names (e.g. "Column") to @@ -1737,18 +1733,17 @@ func (s *LogsPanel) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// Measure: Preview: A chart measure for an SQL query. This is applied -// over the y-axis. This is a preview feature and may be subject to -// change before final release. +// Measure: A chart measure. Measures represent a measured property in +// your chart data such as rainfall in inches, number of units sold, +// revenue gained, etc. type Measure struct { - // AggregationFunction: Required. The aggregation function applied to - // the input column. This must not be set to "none" unless binning is - // disabled on the dimension. The aggregation function is used to group - // points on the dimension bins. + // AggregationFunction: The aggregation function applied to the input + // column. This must not be set to "none" unless binning is disabled on + // the dimension. The aggregation function is used to group points on + // the dimension bins. AggregationFunction *AggregationFunction `json:"aggregationFunction,omitempty"` - // Column: Required. The column name within in the dataset used for the - // measure. + // Column: The column name within the dataset used for the measure. Column string `json:"column,omitempty"` // ForceSendFields is a list of field names (e.g. "AggregationFunction") @@ -2278,6 +2273,15 @@ func (s *PieChart) MarshalJSON() ([]byte, error) { // PieChartDataSet: Groups a time series query definition. type PieChartDataSet struct { + // Dimensions: A dimension is a structured label, class, or category for + // a set of measurements in your data. + Dimensions []*Dimension `json:"dimensions,omitempty"` + + // Measures: A measure is a measured value of a property in your data. + // For example, rainfall in inches, number of units sold, revenue + // gained, etc. + Measures []*Measure `json:"measures,omitempty"` + // MinAlignmentPeriod: Optional. The lower bound on data point frequency // for this data set, implemented by specifying the minimum alignment // period to use in a time series query. For example, if the data is @@ -2297,21 +2301,20 @@ type PieChartDataSet struct { // google.monitoring.dashboard.v1.TimeSeriesQuery. TimeSeriesQuery *TimeSeriesQuery `json:"timeSeriesQuery,omitempty"` - // ForceSendFields is a list of field names (e.g. "MinAlignmentPeriod") - // to unconditionally include in API requests. By default, fields with + // ForceSendFields is a list of field names (e.g. "Dimensions") to + // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "MinAlignmentPeriod") to - // include in API requests with the JSON null value. By default, fields - // with empty values are omitted from API requests. However, any field - // with an empty value appearing in NullFields will be sent to the - // server as null. It is an error if a field in this list has a - // non-empty value. This may be used to include null fields in Patch - // requests. + // NullFields is a list of field names (e.g. "Dimensions") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` } diff --git a/networkconnectivity/v1/networkconnectivity-api.json b/networkconnectivity/v1/networkconnectivity-api.json index 86c3dcfb189..8e0f1a09abb 100644 --- a/networkconnectivity/v1/networkconnectivity-api.json +++ b/networkconnectivity/v1/networkconnectivity-api.json @@ -761,7 +761,7 @@ ] }, "list": { - "description": "Lists route tables in a given project.", + "description": "Lists route tables in a given hub.", "flatPath": "v1/projects/{projectsId}/locations/global/hubs/{hubsId}/routeTables", "httpMethod": "GET", "id": "networkconnectivity.projects.locations.global.hubs.routeTables.list", @@ -836,7 +836,7 @@ ] }, "list": { - "description": "Lists routes in a given project.", + "description": "Lists routes in a given route table.", "flatPath": "v1/projects/{projectsId}/locations/global/hubs/{hubsId}/routeTables/{routeTablesId}/routes", "httpMethod": "GET", "id": "networkconnectivity.projects.locations.global.hubs.routeTables.routes.list", @@ -2630,7 +2630,7 @@ } } }, - "revision": "20231030", + "revision": "20240103", "rootUrl": "https://networkconnectivity.googleapis.com/", "schemas": { "AcceptHubSpokeRequest": { @@ -2716,7 +2716,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/networkconnectivity/v1/networkconnectivity-gen.go b/networkconnectivity/v1/networkconnectivity-gen.go index b40052933b0..d045a5135f5 100644 --- a/networkconnectivity/v1/networkconnectivity-gen.go +++ b/networkconnectivity/v1/networkconnectivity-gen.go @@ -531,11 +531,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -547,7 +570,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. @@ -6973,7 +7001,7 @@ type ProjectsLocationsGlobalHubsRouteTablesListCall struct { header_ http.Header } -// List: Lists route tables in a given project. +// List: Lists route tables in a given hub. // // - parent: The parent resource's name. func (r *ProjectsLocationsGlobalHubsRouteTablesService) List(parent string) *ProjectsLocationsGlobalHubsRouteTablesListCall { @@ -7108,7 +7136,7 @@ func (c *ProjectsLocationsGlobalHubsRouteTablesListCall) Do(opts ...googleapi.Ca } return ret, nil // { - // "description": "Lists route tables in a given project.", + // "description": "Lists route tables in a given hub.", // "flatPath": "v1/projects/{projectsId}/locations/global/hubs/{hubsId}/routeTables", // "httpMethod": "GET", // "id": "networkconnectivity.projects.locations.global.hubs.routeTables.list", @@ -7334,7 +7362,7 @@ type ProjectsLocationsGlobalHubsRouteTablesRoutesListCall struct { header_ http.Header } -// List: Lists routes in a given project. +// List: Lists routes in a given route table. // // - parent: The parent resource's name. func (r *ProjectsLocationsGlobalHubsRouteTablesRoutesService) List(parent string) *ProjectsLocationsGlobalHubsRouteTablesRoutesListCall { @@ -7469,7 +7497,7 @@ func (c *ProjectsLocationsGlobalHubsRouteTablesRoutesListCall) Do(opts ...google } return ret, nil // { - // "description": "Lists routes in a given project.", + // "description": "Lists routes in a given route table.", // "flatPath": "v1/projects/{projectsId}/locations/global/hubs/{hubsId}/routeTables/{routeTablesId}/routes", // "httpMethod": "GET", // "id": "networkconnectivity.projects.locations.global.hubs.routeTables.routes.list", diff --git a/networkconnectivity/v1alpha1/networkconnectivity-api.json b/networkconnectivity/v1alpha1/networkconnectivity-api.json index 240bf8ffa03..9284e2bcd80 100644 --- a/networkconnectivity/v1alpha1/networkconnectivity-api.json +++ b/networkconnectivity/v1alpha1/networkconnectivity-api.json @@ -1116,7 +1116,7 @@ } } }, - "revision": "20230804", + "revision": "20240103", "rootUrl": "https://networkconnectivity.googleapis.com/", "schemas": { "AuditConfig": { @@ -1176,7 +1176,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/networkconnectivity/v1alpha1/networkconnectivity-gen.go b/networkconnectivity/v1alpha1/networkconnectivity-gen.go index c6474cd38db..77977a76fa3 100644 --- a/networkconnectivity/v1alpha1/networkconnectivity-gen.go +++ b/networkconnectivity/v1alpha1/networkconnectivity-gen.go @@ -365,11 +365,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -381,7 +404,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/notebooks/v1/notebooks-gen.go b/notebooks/v1/notebooks-gen.go index 4bc30584d77..e31233c1e23 100644 --- a/notebooks/v1/notebooks-gen.go +++ b/notebooks/v1/notebooks-gen.go @@ -90,7 +90,9 @@ const apiId = "notebooks:v1" const apiName = "notebooks" const apiVersion = "v1" const basePath = "https://notebooks.googleapis.com/" +const basePathTemplate = "https://notebooks.UNIVERSE_DOMAIN/" const mtlsBasePath = "https://notebooks.mtls.googleapis.com/" +const defaultUniverseDomain = "googleapis.com" // OAuth2 scopes used by this API. const ( @@ -107,7 +109,9 @@ func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, err // NOTE: prepend, so we don't override user-specified scopes. opts = append([]option.ClientOption{scopesOption}, opts...) opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) + opts = append(opts, internaloption.WithDefaultEndpointTemplate(basePathTemplate)) opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) + opts = append(opts, internaloption.WithDefaultUniverseDomain(defaultUniverseDomain)) client, endpoint, err := htransport.NewClient(ctx, opts...) if err != nil { return nil, err diff --git a/notebooks/v2/notebooks-gen.go b/notebooks/v2/notebooks-gen.go index 85f6610e870..af6fb6288d1 100644 --- a/notebooks/v2/notebooks-gen.go +++ b/notebooks/v2/notebooks-gen.go @@ -90,7 +90,9 @@ const apiId = "notebooks:v2" const apiName = "notebooks" const apiVersion = "v2" const basePath = "https://notebooks.googleapis.com/" +const basePathTemplate = "https://notebooks.UNIVERSE_DOMAIN/" const mtlsBasePath = "https://notebooks.mtls.googleapis.com/" +const defaultUniverseDomain = "googleapis.com" // OAuth2 scopes used by this API. const ( @@ -107,7 +109,9 @@ func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, err // NOTE: prepend, so we don't override user-specified scopes. opts = append([]option.ClientOption{scopesOption}, opts...) opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) + opts = append(opts, internaloption.WithDefaultEndpointTemplate(basePathTemplate)) opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) + opts = append(opts, internaloption.WithDefaultUniverseDomain(defaultUniverseDomain)) client, endpoint, err := htransport.NewClient(ctx, opts...) if err != nil { return nil, err diff --git a/privateca/v1beta1/privateca-api.json b/privateca/v1beta1/privateca-api.json index b8c228ddfc5..3e041875603 100644 --- a/privateca/v1beta1/privateca-api.json +++ b/privateca/v1beta1/privateca-api.json @@ -580,7 +580,7 @@ } } }, - "revision": "20230816", + "revision": "20240103", "rootUrl": "https://privateca.googleapis.com/", "schemas": { "AuditConfig": { @@ -640,7 +640,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/privateca/v1beta1/privateca-gen.go b/privateca/v1beta1/privateca-gen.go index 541ccc73928..7402615ac9f 100644 --- a/privateca/v1beta1/privateca-gen.go +++ b/privateca/v1beta1/privateca-gen.go @@ -353,11 +353,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -369,7 +392,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/prod_tt_sasportal/v1alpha1/prod_tt_sasportal-api.json b/prod_tt_sasportal/v1alpha1/prod_tt_sasportal-api.json index fd0e7a85ec0..f45a2c7fb39 100644 --- a/prod_tt_sasportal/v1alpha1/prod_tt_sasportal-api.json +++ b/prod_tt_sasportal/v1alpha1/prod_tt_sasportal-api.json @@ -2653,7 +2653,7 @@ } } }, - "revision": "20231220", + "revision": "20240109", "rootUrl": "https://prod-tt-sasportal.googleapis.com/", "schemas": { "SasPortalAssignment": { @@ -2810,7 +2810,7 @@ "type": "string" }, "fccId": { - "description": "The FCC identifier of the device.", + "description": "The FCC identifier of the device. Refer to https://www.fcc.gov/oet/ea/fccid for FccID format.", "type": "string" }, "grantRangeAllowlists": { diff --git a/prod_tt_sasportal/v1alpha1/prod_tt_sasportal-gen.go b/prod_tt_sasportal/v1alpha1/prod_tt_sasportal-gen.go index 387eb0e5c54..1e2eb76ff9e 100644 --- a/prod_tt_sasportal/v1alpha1/prod_tt_sasportal-gen.go +++ b/prod_tt_sasportal/v1alpha1/prod_tt_sasportal-gen.go @@ -683,7 +683,8 @@ type SasPortalDevice struct { // DisplayName: Device display name. DisplayName string `json:"displayName,omitempty"` - // FccId: The FCC identifier of the device. + // FccId: The FCC identifier of the device. Refer to + // https://www.fcc.gov/oet/ea/fccid for FccID format. FccId string `json:"fccId,omitempty"` // GrantRangeAllowlists: Only ranges that are within the allowlists are diff --git a/retail/v2/retail-api.json b/retail/v2/retail-api.json index bf3011bbc07..05e4644ad8c 100644 --- a/retail/v2/retail-api.json +++ b/retail/v2/retail-api.json @@ -2059,7 +2059,7 @@ } } }, - "revision": "20231130", + "revision": "20240109", "rootUrl": "https://retail.googleapis.com/", "schemas": { "GoogleApiHttpBody": { @@ -2546,6 +2546,10 @@ "$ref": "GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacetValue" }, "type": "array" + }, + "rerankConfig": { + "$ref": "GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig", + "description": "Set this field only if you want to rerank based on facet values engaged by the user for the current key. This option is only possible for custom facetable textual keys." } }, "type": "object" @@ -2592,6 +2596,24 @@ }, "type": "object" }, + "GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig": { + "description": "Options to rerank based on facet values engaged by the user for the current key. That key needs to be a custom textual key and facetable. To use this control, you also need to pass all the facet keys engaged by the user in the request using the field [SearchRequest.FacetSpec]. In particular, if you don't pass the facet keys engaged that you want to rerank on, this control won't be effective. Moreover, to obtain better results, the facet values that you want to rerank on should be close to English (ideally made of words, underscores, and spaces).", + "id": "GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig", + "properties": { + "facetValues": { + "description": "If empty, rerank on all facet values for the current key. Otherwise, will rerank on the facet values from this list only.", + "items": { + "type": "string" + }, + "type": "array" + }, + "rerankFacet": { + "description": "If set to true, then we also rerank the dynamic facets based on the facet values engaged by the user for the current attribute key during serving.", + "type": "boolean" + } + }, + "type": "object" + }, "GoogleCloudRetailV2ColorInfo": { "description": "The color information of a Product.", "id": "GoogleCloudRetailV2ColorInfo", diff --git a/retail/v2/retail-gen.go b/retail/v2/retail-gen.go index d72201dc5f2..ec0e35ac52f 100644 --- a/retail/v2/retail-gen.go +++ b/retail/v2/retail-gen.go @@ -1217,6 +1217,11 @@ type GoogleCloudRetailV2CatalogAttributeFacetConfig struct { // custom attributes. MergedFacetValues []*GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacetValue `json:"mergedFacetValues,omitempty"` + // RerankConfig: Set this field only if you want to rerank based on + // facet values engaged by the user for the current key. This option is + // only possible for custom facetable textual keys. + RerankConfig *GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig `json:"rerankConfig,omitempty"` + // ForceSendFields is a list of field names (e.g. "FacetIntervals") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any @@ -1325,6 +1330,48 @@ func (s *GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacetValue) Marshal return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig: Options +// to rerank based on facet values engaged by the user for the current +// key. That key needs to be a custom textual key and facetable. To use +// this control, you also need to pass all the facet keys engaged by the +// user in the request using the field [SearchRequest.FacetSpec]. In +// particular, if you don't pass the facet keys engaged that you want to +// rerank on, this control won't be effective. Moreover, to obtain +// better results, the facet values that you want to rerank on should be +// close to English (ideally made of words, underscores, and spaces). +type GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig struct { + // FacetValues: If empty, rerank on all facet values for the current + // key. Otherwise, will rerank on the facet values from this list only. + FacetValues []string `json:"facetValues,omitempty"` + + // RerankFacet: If set to true, then we also rerank the dynamic facets + // based on the facet values engaged by the user for the current + // attribute key during serving. + RerankFacet bool `json:"rerankFacet,omitempty"` + + // ForceSendFields is a list of field names (e.g. "FacetValues") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "FacetValues") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig) MarshalJSON() ([]byte, error) { + type NoMethod GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // GoogleCloudRetailV2ColorInfo: The color information of a Product. type GoogleCloudRetailV2ColorInfo struct { // ColorFamilies: The standard color families. Strongly recommended to diff --git a/retail/v2alpha/retail-api.json b/retail/v2alpha/retail-api.json index 5516369722c..17958ba92da 100644 --- a/retail/v2alpha/retail-api.json +++ b/retail/v2alpha/retail-api.json @@ -2416,7 +2416,7 @@ } } }, - "revision": "20231207", + "revision": "20240109", "rootUrl": "https://retail.googleapis.com/", "schemas": { "GoogleApiHttpBody": { @@ -3445,6 +3445,10 @@ "$ref": "GoogleCloudRetailV2alphaCatalogAttributeFacetConfigMergedFacetValue" }, "type": "array" + }, + "rerankConfig": { + "$ref": "GoogleCloudRetailV2alphaCatalogAttributeFacetConfigRerankConfig", + "description": "Set this field only if you want to rerank based on facet values engaged by the user for the current key. This option is only possible for custom facetable textual keys." } }, "type": "object" @@ -3491,6 +3495,24 @@ }, "type": "object" }, + "GoogleCloudRetailV2alphaCatalogAttributeFacetConfigRerankConfig": { + "description": "Options to rerank based on facet values engaged by the user for the current key. That key needs to be a custom textual key and facetable. To use this control, you also need to pass all the facet keys engaged by the user in the request using the field [SearchRequest.FacetSpec]. In particular, if you don't pass the facet keys engaged that you want to rerank on, this control won't be effective. Moreover, to obtain better results, the facet values that you want to rerank on should be close to English (ideally made of words, underscores, and spaces).", + "id": "GoogleCloudRetailV2alphaCatalogAttributeFacetConfigRerankConfig", + "properties": { + "facetValues": { + "description": "If empty, rerank on all facet values for the current key. Otherwise, will rerank on the facet values from this list only.", + "items": { + "type": "string" + }, + "type": "array" + }, + "rerankFacet": { + "description": "If set to true, then we also rerank the dynamic facets based on the facet values engaged by the user for the current attribute key during serving.", + "type": "boolean" + } + }, + "type": "object" + }, "GoogleCloudRetailV2alphaColorInfo": { "description": "The color information of a Product.", "id": "GoogleCloudRetailV2alphaColorInfo", diff --git a/retail/v2alpha/retail-gen.go b/retail/v2alpha/retail-gen.go index 099d2e93122..bb34b184ec3 100644 --- a/retail/v2alpha/retail-gen.go +++ b/retail/v2alpha/retail-gen.go @@ -2198,6 +2198,11 @@ type GoogleCloudRetailV2alphaCatalogAttributeFacetConfig struct { // custom attributes. MergedFacetValues []*GoogleCloudRetailV2alphaCatalogAttributeFacetConfigMergedFacetValue `json:"mergedFacetValues,omitempty"` + // RerankConfig: Set this field only if you want to rerank based on + // facet values engaged by the user for the current key. This option is + // only possible for custom facetable textual keys. + RerankConfig *GoogleCloudRetailV2alphaCatalogAttributeFacetConfigRerankConfig `json:"rerankConfig,omitempty"` + // ForceSendFields is a list of field names (e.g. "FacetIntervals") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any @@ -2308,6 +2313,48 @@ func (s *GoogleCloudRetailV2alphaCatalogAttributeFacetConfigMergedFacetValue) Ma return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// GoogleCloudRetailV2alphaCatalogAttributeFacetConfigRerankConfig: +// Options to rerank based on facet values engaged by the user for the +// current key. That key needs to be a custom textual key and facetable. +// To use this control, you also need to pass all the facet keys engaged +// by the user in the request using the field [SearchRequest.FacetSpec]. +// In particular, if you don't pass the facet keys engaged that you want +// to rerank on, this control won't be effective. Moreover, to obtain +// better results, the facet values that you want to rerank on should be +// close to English (ideally made of words, underscores, and spaces). +type GoogleCloudRetailV2alphaCatalogAttributeFacetConfigRerankConfig struct { + // FacetValues: If empty, rerank on all facet values for the current + // key. Otherwise, will rerank on the facet values from this list only. + FacetValues []string `json:"facetValues,omitempty"` + + // RerankFacet: If set to true, then we also rerank the dynamic facets + // based on the facet values engaged by the user for the current + // attribute key during serving. + RerankFacet bool `json:"rerankFacet,omitempty"` + + // ForceSendFields is a list of field names (e.g. "FacetValues") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "FacetValues") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *GoogleCloudRetailV2alphaCatalogAttributeFacetConfigRerankConfig) MarshalJSON() ([]byte, error) { + type NoMethod GoogleCloudRetailV2alphaCatalogAttributeFacetConfigRerankConfig + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // GoogleCloudRetailV2alphaColorInfo: The color information of a // Product. type GoogleCloudRetailV2alphaColorInfo struct { diff --git a/retail/v2beta/retail-api.json b/retail/v2beta/retail-api.json index 829bd13ca23..f958adaed36 100644 --- a/retail/v2beta/retail-api.json +++ b/retail/v2beta/retail-api.json @@ -2087,7 +2087,7 @@ } } }, - "revision": "20231130", + "revision": "20240109", "rootUrl": "https://retail.googleapis.com/", "schemas": { "GoogleApiHttpBody": { @@ -3940,6 +3940,10 @@ "$ref": "GoogleCloudRetailV2betaCatalogAttributeFacetConfigMergedFacetValue" }, "type": "array" + }, + "rerankConfig": { + "$ref": "GoogleCloudRetailV2betaCatalogAttributeFacetConfigRerankConfig", + "description": "Set this field only if you want to rerank based on facet values engaged by the user for the current key. This option is only possible for custom facetable textual keys." } }, "type": "object" @@ -3986,6 +3990,24 @@ }, "type": "object" }, + "GoogleCloudRetailV2betaCatalogAttributeFacetConfigRerankConfig": { + "description": "Options to rerank based on facet values engaged by the user for the current key. That key needs to be a custom textual key and facetable. To use this control, you also need to pass all the facet keys engaged by the user in the request using the field [SearchRequest.FacetSpec]. In particular, if you don't pass the facet keys engaged that you want to rerank on, this control won't be effective. Moreover, to obtain better results, the facet values that you want to rerank on should be close to English (ideally made of words, underscores, and spaces).", + "id": "GoogleCloudRetailV2betaCatalogAttributeFacetConfigRerankConfig", + "properties": { + "facetValues": { + "description": "If empty, rerank on all facet values for the current key. Otherwise, will rerank on the facet values from this list only.", + "items": { + "type": "string" + }, + "type": "array" + }, + "rerankFacet": { + "description": "If set to true, then we also rerank the dynamic facets based on the facet values engaged by the user for the current attribute key during serving.", + "type": "boolean" + } + }, + "type": "object" + }, "GoogleCloudRetailV2betaColorInfo": { "description": "The color information of a Product.", "id": "GoogleCloudRetailV2betaColorInfo", diff --git a/retail/v2beta/retail-gen.go b/retail/v2beta/retail-gen.go index f77c3c74243..454cc44c430 100644 --- a/retail/v2beta/retail-gen.go +++ b/retail/v2beta/retail-gen.go @@ -3639,6 +3639,11 @@ type GoogleCloudRetailV2betaCatalogAttributeFacetConfig struct { // custom attributes. MergedFacetValues []*GoogleCloudRetailV2betaCatalogAttributeFacetConfigMergedFacetValue `json:"mergedFacetValues,omitempty"` + // RerankConfig: Set this field only if you want to rerank based on + // facet values engaged by the user for the current key. This option is + // only possible for custom facetable textual keys. + RerankConfig *GoogleCloudRetailV2betaCatalogAttributeFacetConfigRerankConfig `json:"rerankConfig,omitempty"` + // ForceSendFields is a list of field names (e.g. "FacetIntervals") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any @@ -3747,6 +3752,48 @@ func (s *GoogleCloudRetailV2betaCatalogAttributeFacetConfigMergedFacetValue) Mar return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// GoogleCloudRetailV2betaCatalogAttributeFacetConfigRerankConfig: +// Options to rerank based on facet values engaged by the user for the +// current key. That key needs to be a custom textual key and facetable. +// To use this control, you also need to pass all the facet keys engaged +// by the user in the request using the field [SearchRequest.FacetSpec]. +// In particular, if you don't pass the facet keys engaged that you want +// to rerank on, this control won't be effective. Moreover, to obtain +// better results, the facet values that you want to rerank on should be +// close to English (ideally made of words, underscores, and spaces). +type GoogleCloudRetailV2betaCatalogAttributeFacetConfigRerankConfig struct { + // FacetValues: If empty, rerank on all facet values for the current + // key. Otherwise, will rerank on the facet values from this list only. + FacetValues []string `json:"facetValues,omitempty"` + + // RerankFacet: If set to true, then we also rerank the dynamic facets + // based on the facet values engaged by the user for the current + // attribute key during serving. + RerankFacet bool `json:"rerankFacet,omitempty"` + + // ForceSendFields is a list of field names (e.g. "FacetValues") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "FacetValues") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *GoogleCloudRetailV2betaCatalogAttributeFacetConfigRerankConfig) MarshalJSON() ([]byte, error) { + type NoMethod GoogleCloudRetailV2betaCatalogAttributeFacetConfigRerankConfig + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // GoogleCloudRetailV2betaColorInfo: The color information of a Product. type GoogleCloudRetailV2betaColorInfo struct { // ColorFamilies: The standard color families. Strongly recommended to diff --git a/run/v1/run-api.json b/run/v1/run-api.json index d13d0228bd1..b95a52761b1 100644 --- a/run/v1/run-api.json +++ b/run/v1/run-api.json @@ -2609,7 +2609,7 @@ } } }, - "revision": "20231210", + "revision": "20240107", "rootUrl": "https://run.googleapis.com/", "schemas": { "Addressable": { @@ -2695,7 +2695,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/run/v1/run-gen.go b/run/v1/run-gen.go index e1982ceeb91..07760fa317b 100644 --- a/run/v1/run-gen.go +++ b/run/v1/run-gen.go @@ -596,11 +596,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -612,7 +635,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/run/v2/run-api.json b/run/v2/run-api.json index ef8c5aae664..82dc1a95b47 100644 --- a/run/v2/run-api.json +++ b/run/v2/run-api.json @@ -1312,7 +1312,7 @@ } } }, - "revision": "20231210", + "revision": "20240107", "rootUrl": "https://run.googleapis.com/", "schemas": { "GoogleCloudRunV2BinaryAuthorization": { @@ -2742,7 +2742,7 @@ "additionalProperties": { "type": "string" }, - "description": "Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. Cloud Run API v2 does not support annotations with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected in new resources. All system annotations in v1 now have a corresponding field in v2 Service. This field follows Kubernetes annotations' namespacing, limits, and rules.", + "description": "Optional. Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. Cloud Run API v2 does not support annotations with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected in new resources. All system annotations in v1 now have a corresponding field in v2 Service. This field follows Kubernetes annotations' namespacing, limits, and rules.", "type": "object" }, "binaryAuthorization": { @@ -2830,7 +2830,7 @@ "additionalProperties": { "type": "string" }, - "description": "Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. All system labels in v1 now have a corresponding field in v2 Service.", + "description": "Optional. Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. All system labels in v1 now have a corresponding field in v2 Service.", "type": "object" }, "lastModifier": { @@ -3459,7 +3459,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/run/v2/run-gen.go b/run/v2/run-gen.go index afdc430fcc6..181559682fc 100644 --- a/run/v2/run-gen.go +++ b/run/v2/run-gen.go @@ -2334,10 +2334,10 @@ func (s *GoogleCloudRunV2SecretVolumeSource) MarshalJSON() ([]byte, error) { // encapsulates software lifecycle decisions such as rollout policy and // team resource ownership. type GoogleCloudRunV2Service struct { - // Annotations: Unstructured key value map that may be set by external - // tools to store and arbitrary metadata. They are not queryable and - // should be preserved when modifying objects. Cloud Run API v2 does not - // support annotations with `run.googleapis.com`, + // Annotations: Optional. Unstructured key value map that may be set by + // external tools to store and arbitrary metadata. They are not + // queryable and should be preserved when modifying objects. Cloud Run + // API v2 does not support annotations with `run.googleapis.com`, // `cloud.googleapis.com`, `serving.knative.dev`, or // `autoscaling.knative.dev` namespaces, and they will be rejected in // new resources. All system annotations in v1 now have a corresponding @@ -2408,10 +2408,10 @@ type GoogleCloudRunV2Service struct { // Cloud Load Balancer traffic is allowed. Ingress string `json:"ingress,omitempty"` - // Labels: Unstructured key value map that can be used to organize and - // categorize objects. User-provided labels are shared with Google's - // billing system, so they can be used to filter, or break down billing - // charges by team, component, environment, state, etc. For more + // Labels: Optional. Unstructured key value map that can be used to + // organize and categorize objects. User-provided labels are shared with + // Google's billing system, so they can be used to filter, or break down + // billing charges by team, component, environment, state, etc. For more // information, visit // https://cloud.google.com/resource-manager/docs/creating-managing-labels // or https://cloud.google.com/run/docs/configuring/labels. Cloud Run @@ -3337,11 +3337,34 @@ type GoogleIamV1Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -3353,7 +3376,12 @@ type GoogleIamV1Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/texttospeech/v1/texttospeech-api.json b/texttospeech/v1/texttospeech-api.json index cfde004ce2e..069c73308ec 100644 --- a/texttospeech/v1/texttospeech-api.json +++ b/texttospeech/v1/texttospeech-api.json @@ -318,7 +318,7 @@ } } }, - "revision": "20231023", + "revision": "20240109", "rootUrl": "https://texttospeech.googleapis.com/", "schemas": { "AudioConfig": { @@ -417,6 +417,12 @@ "description": "Metadata for response returned by the `SynthesizeLongAudio` method.", "id": "GoogleCloudTexttospeechV1SynthesizeLongAudioMetadata", "properties": { + "lastUpdateTime": { + "deprecated": true, + "description": "Deprecated. Do not use.", + "format": "google-datetime", + "type": "string" + }, "progressPercentage": { "description": "The progress of the most recent processing update in percentage, ie. 70.0%.", "format": "double", @@ -543,6 +549,12 @@ "description": "Metadata for response returned by the `SynthesizeLongAudio` method.", "id": "SynthesizeLongAudioMetadata", "properties": { + "lastUpdateTime": { + "deprecated": true, + "description": "Deprecated. Do not use.", + "format": "google-datetime", + "type": "string" + }, "progressPercentage": { "description": "The progress of the most recent processing update in percentage, ie. 70.0%.", "format": "double", diff --git a/texttospeech/v1/texttospeech-gen.go b/texttospeech/v1/texttospeech-gen.go index 6db177e6297..de39118e6aa 100644 --- a/texttospeech/v1/texttospeech-gen.go +++ b/texttospeech/v1/texttospeech-gen.go @@ -394,6 +394,9 @@ type Empty struct { // GoogleCloudTexttospeechV1SynthesizeLongAudioMetadata: Metadata for // response returned by the `SynthesizeLongAudio` method. type GoogleCloudTexttospeechV1SynthesizeLongAudioMetadata struct { + // LastUpdateTime: Deprecated. Do not use. + LastUpdateTime string `json:"lastUpdateTime,omitempty"` + // ProgressPercentage: The progress of the most recent processing update // in percentage, ie. 70.0%. ProgressPercentage float64 `json:"progressPercentage,omitempty"` @@ -401,15 +404,15 @@ type GoogleCloudTexttospeechV1SynthesizeLongAudioMetadata struct { // StartTime: Time when the request was received. StartTime string `json:"startTime,omitempty"` - // ForceSendFields is a list of field names (e.g. "ProgressPercentage") - // to unconditionally include in API requests. By default, fields with + // ForceSendFields is a list of field names (e.g. "LastUpdateTime") to + // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "ProgressPercentage") to + // NullFields is a list of field names (e.g. "LastUpdateTime") to // include in API requests with the JSON null value. By default, fields // with empty values are omitted from API requests. However, any field // with an empty value appearing in NullFields will be sent to the @@ -655,6 +658,9 @@ func (s *SynthesisInput) MarshalJSON() ([]byte, error) { // SynthesizeLongAudioMetadata: Metadata for response returned by the // `SynthesizeLongAudio` method. type SynthesizeLongAudioMetadata struct { + // LastUpdateTime: Deprecated. Do not use. + LastUpdateTime string `json:"lastUpdateTime,omitempty"` + // ProgressPercentage: The progress of the most recent processing update // in percentage, ie. 70.0%. ProgressPercentage float64 `json:"progressPercentage,omitempty"` @@ -662,15 +668,15 @@ type SynthesizeLongAudioMetadata struct { // StartTime: Time when the request was received. StartTime string `json:"startTime,omitempty"` - // ForceSendFields is a list of field names (e.g. "ProgressPercentage") - // to unconditionally include in API requests. By default, fields with + // ForceSendFields is a list of field names (e.g. "LastUpdateTime") to + // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "ProgressPercentage") to + // NullFields is a list of field names (e.g. "LastUpdateTime") to // include in API requests with the JSON null value. By default, fields // with empty values are omitted from API requests. However, any field // with an empty value appearing in NullFields will be sent to the diff --git a/texttospeech/v1beta1/texttospeech-api.json b/texttospeech/v1beta1/texttospeech-api.json index 3db17a2dcc6..16372d2c819 100644 --- a/texttospeech/v1beta1/texttospeech-api.json +++ b/texttospeech/v1beta1/texttospeech-api.json @@ -261,7 +261,7 @@ } } }, - "revision": "20231023", + "revision": "20240109", "rootUrl": "https://texttospeech.googleapis.com/", "schemas": { "AudioConfig": { @@ -350,6 +350,12 @@ "description": "Metadata for response returned by the `SynthesizeLongAudio` method.", "id": "GoogleCloudTexttospeechV1beta1SynthesizeLongAudioMetadata", "properties": { + "lastUpdateTime": { + "deprecated": true, + "description": "Deprecated. Do not use.", + "format": "google-datetime", + "type": "string" + }, "progressPercentage": { "description": "The progress of the most recent processing update in percentage, ie. 70.0%.", "format": "double", @@ -476,6 +482,12 @@ "description": "Metadata for response returned by the `SynthesizeLongAudio` method.", "id": "SynthesizeLongAudioMetadata", "properties": { + "lastUpdateTime": { + "deprecated": true, + "description": "Deprecated. Do not use.", + "format": "google-datetime", + "type": "string" + }, "progressPercentage": { "description": "The progress of the most recent processing update in percentage, ie. 70.0%.", "format": "double", diff --git a/texttospeech/v1beta1/texttospeech-gen.go b/texttospeech/v1beta1/texttospeech-gen.go index 7ea2e95f034..6ebe2fcfd19 100644 --- a/texttospeech/v1beta1/texttospeech-gen.go +++ b/texttospeech/v1beta1/texttospeech-gen.go @@ -367,6 +367,9 @@ func (s *CustomVoiceParams) MarshalJSON() ([]byte, error) { // GoogleCloudTexttospeechV1beta1SynthesizeLongAudioMetadata: Metadata // for response returned by the `SynthesizeLongAudio` method. type GoogleCloudTexttospeechV1beta1SynthesizeLongAudioMetadata struct { + // LastUpdateTime: Deprecated. Do not use. + LastUpdateTime string `json:"lastUpdateTime,omitempty"` + // ProgressPercentage: The progress of the most recent processing update // in percentage, ie. 70.0%. ProgressPercentage float64 `json:"progressPercentage,omitempty"` @@ -374,15 +377,15 @@ type GoogleCloudTexttospeechV1beta1SynthesizeLongAudioMetadata struct { // StartTime: Time when the request was received. StartTime string `json:"startTime,omitempty"` - // ForceSendFields is a list of field names (e.g. "ProgressPercentage") - // to unconditionally include in API requests. By default, fields with + // ForceSendFields is a list of field names (e.g. "LastUpdateTime") to + // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "ProgressPercentage") to + // NullFields is a list of field names (e.g. "LastUpdateTime") to // include in API requests with the JSON null value. By default, fields // with empty values are omitted from API requests. However, any field // with an empty value appearing in NullFields will be sent to the @@ -628,6 +631,9 @@ func (s *SynthesisInput) MarshalJSON() ([]byte, error) { // SynthesizeLongAudioMetadata: Metadata for response returned by the // `SynthesizeLongAudio` method. type SynthesizeLongAudioMetadata struct { + // LastUpdateTime: Deprecated. Do not use. + LastUpdateTime string `json:"lastUpdateTime,omitempty"` + // ProgressPercentage: The progress of the most recent processing update // in percentage, ie. 70.0%. ProgressPercentage float64 `json:"progressPercentage,omitempty"` @@ -635,15 +641,15 @@ type SynthesizeLongAudioMetadata struct { // StartTime: Time when the request was received. StartTime string `json:"startTime,omitempty"` - // ForceSendFields is a list of field names (e.g. "ProgressPercentage") - // to unconditionally include in API requests. By default, fields with + // ForceSendFields is a list of field names (e.g. "LastUpdateTime") to + // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "ProgressPercentage") to + // NullFields is a list of field names (e.g. "LastUpdateTime") to // include in API requests with the JSON null value. By default, fields // with empty values are omitted from API requests. However, any field // with an empty value appearing in NullFields will be sent to the diff --git a/toolresults/v1beta3/toolresults-api.json b/toolresults/v1beta3/toolresults-api.json index 24c43051c35..60fb316572f 100644 --- a/toolresults/v1beta3/toolresults-api.json +++ b/toolresults/v1beta3/toolresults-api.json @@ -1463,7 +1463,7 @@ } } }, - "revision": "20230803", + "revision": "20240110", "rootUrl": "https://toolresults.googleapis.com/", "schemas": { "ANR": { @@ -2834,6 +2834,7 @@ }, "graphicsStats": { "$ref": "GraphicsStats", + "deprecated": true, "description": "Graphics statistics for the entire run. Statistics are reset at the beginning of the run and collected at the end of the run." }, "historyId": { diff --git a/workloadmanager/v1/workloadmanager-api.json b/workloadmanager/v1/workloadmanager-api.json index 0c06d590c03..27f86bf6df0 100644 --- a/workloadmanager/v1/workloadmanager-api.json +++ b/workloadmanager/v1/workloadmanager-api.json @@ -707,9 +707,24 @@ } } }, - "revision": "20231211", + "revision": "20240103", "rootUrl": "https://workloadmanager.googleapis.com/", "schemas": { + "BigQueryDestination": { + "description": "Message describing big query destination", + "id": "BigQueryDestination", + "properties": { + "createNewResultsTable": { + "description": "Optional. determine if results will be saved in a new table", + "type": "boolean" + }, + "destinationDataset": { + "description": "Optional. destination dataset to save evaluation results", + "type": "string" + } + }, + "type": "object" + }, "CancelOperationRequest": { "description": "The request message for Operations.CancelOperation.", "id": "CancelOperationRequest", @@ -726,6 +741,10 @@ "description": "LINT.IfChange Message describing Evaluation object", "id": "Evaluation", "properties": { + "bigQueryDestination": { + "$ref": "BigQueryDestination", + "description": "Optional. BigQuery destination" + }, "createTime": { "description": "Output only. [Output only] Create time stamp", "format": "google-datetime", diff --git a/workloadmanager/v1/workloadmanager-gen.go b/workloadmanager/v1/workloadmanager-gen.go index 70a0e5ca1f0..262dfd3154a 100644 --- a/workloadmanager/v1/workloadmanager-gen.go +++ b/workloadmanager/v1/workloadmanager-gen.go @@ -260,6 +260,41 @@ type ProjectsLocationsRulesService struct { s *Service } +// BigQueryDestination: Message describing big query destination +type BigQueryDestination struct { + // CreateNewResultsTable: Optional. determine if results will be saved + // in a new table + CreateNewResultsTable bool `json:"createNewResultsTable,omitempty"` + + // DestinationDataset: Optional. destination dataset to save evaluation + // results + DestinationDataset string `json:"destinationDataset,omitempty"` + + // ForceSendFields is a list of field names (e.g. + // "CreateNewResultsTable") to unconditionally include in API requests. + // By default, fields with empty or default values are omitted from API + // requests. However, any non-pointer, non-interface field appearing in + // ForceSendFields will be sent to the server regardless of whether the + // field is empty or not. This may be used to include empty fields in + // Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "CreateNewResultsTable") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *BigQueryDestination) MarshalJSON() ([]byte, error) { + type NoMethod BigQueryDestination + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // CancelOperationRequest: The request message for // Operations.CancelOperation. type CancelOperationRequest struct { @@ -278,6 +313,9 @@ type Empty struct { // Evaluation: LINT.IfChange Message describing Evaluation object type Evaluation struct { + // BigQueryDestination: Optional. BigQuery destination + BigQueryDestination *BigQueryDestination `json:"bigQueryDestination,omitempty"` + // CreateTime: Output only. [Output only] Create time stamp CreateTime string `json:"createTime,omitempty"` @@ -321,20 +359,21 @@ type Evaluation struct { // server. googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "CreateTime") to - // unconditionally include in API requests. By default, fields with + // ForceSendFields is a list of field names (e.g. "BigQueryDestination") + // to unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "CreateTime") to include in - // API requests with the JSON null value. By default, fields with empty - // values are omitted from API requests. However, any field with an - // empty value appearing in NullFields will be sent to the server as - // null. It is an error if a field in this list has a non-empty value. - // This may be used to include null fields in Patch requests. + // NullFields is a list of field names (e.g. "BigQueryDestination") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. NullFields []string `json:"-"` } diff --git a/workstations/v1/workstations-api.json b/workstations/v1/workstations-api.json index fe4719733e9..4e83495bf8c 100644 --- a/workstations/v1/workstations-api.json +++ b/workstations/v1/workstations-api.json @@ -1195,7 +1195,7 @@ } } }, - "revision": "20231129", + "revision": "20240101", "rootUrl": "https://workstations.googleapis.com/", "schemas": { "AuditConfig": { @@ -1255,7 +1255,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, @@ -2246,10 +2246,18 @@ "readOnly": true, "type": "string" }, + "disableTcpConnections": { + "description": "Optional. Disables support for plain TCP connections in the workstation. By default the service supports TCP connections via a websocket relay. Setting this option to true disables that relay, which prevents the usage of services that require plain tcp connections, such as ssh. When enabled, all communication must occur over https or wss.", + "type": "boolean" + }, "displayName": { "description": "Optional. Human-readable name for this workstation configuration.", "type": "string" }, + "enableAuditAgent": { + "description": "Optional. Whether to enable Linux `auditd` logging on the workstation. When enabled, a service account must also be specified that has `logging.buckets.write` permission on the project. Operating system audit logging is distinct from [Cloud Audit Logs](https://cloud.google.com/workstations/docs/audit-logging).", + "type": "boolean" + }, "encryptionKey": { "$ref": "CustomerEncryptionKey", "description": "Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created." diff --git a/workstations/v1/workstations-gen.go b/workstations/v1/workstations-gen.go index 13e44338fde..840d9a184c3 100644 --- a/workstations/v1/workstations-gen.go +++ b/workstations/v1/workstations-gen.go @@ -353,11 +353,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -369,7 +392,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. @@ -2088,10 +2116,25 @@ type WorkstationConfig struct { // soft-deleted. DeleteTime string `json:"deleteTime,omitempty"` + // DisableTcpConnections: Optional. Disables support for plain TCP + // connections in the workstation. By default the service supports TCP + // connections via a websocket relay. Setting this option to true + // disables that relay, which prevents the usage of services that + // require plain tcp connections, such as ssh. When enabled, all + // communication must occur over https or wss. + DisableTcpConnections bool `json:"disableTcpConnections,omitempty"` + // DisplayName: Optional. Human-readable name for this workstation // configuration. DisplayName string `json:"displayName,omitempty"` + // EnableAuditAgent: Optional. Whether to enable Linux `auditd` logging + // on the workstation. When enabled, a service account must also be + // specified that has `logging.buckets.write` permission on the project. + // Operating system audit logging is distinct from Cloud Audit Logs + // (https://cloud.google.com/workstations/docs/audit-logging). + EnableAuditAgent bool `json:"enableAuditAgent,omitempty"` + // EncryptionKey: Immutable. Encrypts resources of this workstation // configuration using a customer-managed encryption key (CMEK). If // specified, the boot disk of the Compute Engine instance and the diff --git a/workstations/v1beta/workstations-api.json b/workstations/v1beta/workstations-api.json index fc7e6ccaf31..091bf622aef 100644 --- a/workstations/v1beta/workstations-api.json +++ b/workstations/v1beta/workstations-api.json @@ -1127,7 +1127,7 @@ } } }, - "revision": "20231129", + "revision": "20240101", "rootUrl": "https://workstations.googleapis.com/", "schemas": { "Accelerator": { @@ -1203,7 +1203,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/workstations/v1beta/workstations-gen.go b/workstations/v1beta/workstations-gen.go index 86f613be6ec..4e64b9e0100 100644 --- a/workstations/v1beta/workstations-gen.go +++ b/workstations/v1beta/workstations-gen.go @@ -385,11 +385,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -401,7 +424,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals.