diff --git a/analyticsdata/v1beta/analyticsdata-api.json b/analyticsdata/v1beta/analyticsdata-api.json index 009f6818afb..414a41b5270 100644 --- a/analyticsdata/v1beta/analyticsdata-api.json +++ b/analyticsdata/v1beta/analyticsdata-api.json @@ -313,7 +313,7 @@ } } }, - "revision": "20220504", + "revision": "20220620", "rootUrl": "https://analyticsdata.googleapis.com/", "schemas": { "ActiveMetricRestriction": { @@ -771,7 +771,7 @@ "description": "A filter for two values." }, "fieldName": { - "description": "The dimension name or metric name. Must be a name defined in dimensions or metrics.", + "description": "The dimension name or metric name. In most methods, dimensions \u0026 metrics can be used for the first time in this field. However in a RunPivotReportRequest, this field must be additionally specified by name in the RunPivotReportRequest's dimensions or metrics.", "type": "string" }, "inListFilter": { @@ -1498,7 +1498,7 @@ "properties": { "dimensionFilter": { "$ref": "FilterExpression", - "description": "The filter clause of dimensions. Dimensions must be requested to be used in this filter. Metrics cannot be used in this filter." + "description": "The filter clause of dimensions. Metrics cannot be used in this filter." }, "dimensions": { "description": "The dimensions requested and displayed.", @@ -1535,7 +1535,7 @@ }, "metricFilter": { "$ref": "FilterExpression", - "description": "The filter clause of metrics. Applied at post aggregation phase, similar to SQL having-clause. Metrics must be requested to be used in this filter. Dimensions cannot be used in this filter." + "description": "The filter clause of metrics. Applied at post aggregation phase, similar to SQL having-clause. Dimensions cannot be used in this filter." }, "metrics": { "description": "The metrics requested and displayed.", diff --git a/analyticsdata/v1beta/analyticsdata-gen.go b/analyticsdata/v1beta/analyticsdata-gen.go index 817680ae482..a1c76f859a7 100644 --- a/analyticsdata/v1beta/analyticsdata-gen.go +++ b/analyticsdata/v1beta/analyticsdata-gen.go @@ -1061,8 +1061,11 @@ type Filter struct { // BetweenFilter: A filter for two values. BetweenFilter *BetweenFilter `json:"betweenFilter,omitempty"` - // FieldName: The dimension name or metric name. Must be a name defined - // in dimensions or metrics. + // FieldName: The dimension name or metric name. In most methods, + // dimensions & metrics can be used for the first time in this field. + // However in a RunPivotReportRequest, this field must be additionally + // specified by name in the RunPivotReportRequest's dimensions or + // metrics. FieldName string `json:"fieldName,omitempty"` // InListFilter: A filter for in list values. @@ -2281,9 +2284,8 @@ func (s *RunPivotReportResponse) MarshalJSON() ([]byte, error) { // RunRealtimeReportRequest: The request to generate a realtime report. type RunRealtimeReportRequest struct { - // DimensionFilter: The filter clause of dimensions. Dimensions must be - // requested to be used in this filter. Metrics cannot be used in this - // filter. + // DimensionFilter: The filter clause of dimensions. Metrics cannot be + // used in this filter. DimensionFilter *FilterExpression `json:"dimensionFilter,omitempty"` // Dimensions: The dimensions requested and displayed. @@ -2312,9 +2314,8 @@ type RunRealtimeReportRequest struct { MetricAggregations []string `json:"metricAggregations,omitempty"` // MetricFilter: The filter clause of metrics. Applied at post - // aggregation phase, similar to SQL having-clause. Metrics must be - // requested to be used in this filter. Dimensions cannot be used in - // this filter. + // aggregation phase, similar to SQL having-clause. Dimensions cannot be + // used in this filter. MetricFilter *FilterExpression `json:"metricFilter,omitempty"` // Metrics: The metrics requested and displayed. diff --git a/androidmanagement/v1/androidmanagement-api.json b/androidmanagement/v1/androidmanagement-api.json index a1893bcce62..b43c51d2824 100644 --- a/androidmanagement/v1/androidmanagement-api.json +++ b/androidmanagement/v1/androidmanagement-api.json @@ -1065,9 +1065,26 @@ } } }, - "revision": "20220601", + "revision": "20220613", "rootUrl": "https://androidmanagement.googleapis.com/", "schemas": { + "AdbShellCommandEvent": { + "description": "A shell command was issued over ADB via “adb shell command”.", + "id": "AdbShellCommandEvent", + "properties": { + "shellCmd": { + "description": "Shell command that was issued over ADB via \"adb shell command\". Redacted to empty string on organization-owned managed profile devices.", + "type": "string" + } + }, + "type": "object" + }, + "AdbShellInteractiveEvent": { + "description": "An ADB interactive shell was opened via “adb shell”. Intentionally empty.", + "id": "AdbShellInteractiveEvent", + "properties": {}, + "type": "object" + }, "AdvancedSecurityOverrides": { "description": "Security policies set to secure values by default. To maintain the security posture of a device, we don't recommend overriding any of the default values.", "id": "AdvancedSecurityOverrides", @@ -1167,6 +1184,58 @@ }, "type": "object" }, + "AppProcessInfo": { + "description": "Information about a process. It contains process name, start time, app Uid, app Pid, seinfo tag, hash of the base APK.", + "id": "AppProcessInfo", + "properties": { + "apkSha256Hash": { + "description": "SHA-256 hash of the base APK, in hexadecimal format.", + "type": "string" + }, + "packageNames": { + "description": "Package names of all packages that are associated with the particular user id. In most cases, this will be a single package name, the package that has been assigned that user id. If multiple application share a uid then all packages sharing uid will be included.", + "items": { + "type": "string" + }, + "type": "array" + }, + "pid": { + "description": "Process ID.", + "format": "int32", + "type": "integer" + }, + "processName": { + "description": "Process name.", + "type": "string" + }, + "seinfo": { + "description": "SELinux policy info.", + "type": "string" + }, + "startTime": { + "description": "Process start time.", + "format": "google-datetime", + "type": "string" + }, + "uid": { + "description": "UID of the package.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "AppProcessStartEvent": { + "description": "An app process was started. This is available device-wide on fully managed devices and within the work profile on organization-owned devices with a work profile.", + "id": "AppProcessStartEvent", + "properties": { + "processInfo": { + "$ref": "AppProcessInfo", + "description": "Information about a process." + } + }, + "type": "object" + }, "AppTrackInfo": { "description": "Id to name association of a app track.", "id": "AppTrackInfo", @@ -1688,6 +1757,33 @@ }, "type": "object" }, + "BatchUsageLogEvents": { + "description": "Batched event logs of events from the device.", + "id": "BatchUsageLogEvents", + "properties": { + "device": { + "description": "The name of the device in the form ‘enterprises/{enterpriseId}/devices/{deviceId}’", + "type": "string" + }, + "retrievalTime": { + "description": "The device timestamp when the batch of events were collected from the device.", + "format": "google-datetime", + "type": "string" + }, + "usageLogEvents": { + "description": "The list of UsageLogEvent that were reported by the device, sorted chronologically by the event time.", + "items": { + "$ref": "UsageLogEvent" + }, + "type": "array" + }, + "user": { + "description": "The resource name of the user that owns this device in the form ‘enterprises/{enterpriseId}/users/{userId}’.", + "type": "string" + } + }, + "type": "object" + }, "BlockAction": { "description": "An action to block access to apps and data on a fully managed device or in a work profile. This action also triggers a device or work profile to displays a user-facing notification with information (where possible) on how to correct the compliance issue. Note: wipeAction must also be specified.", "id": "BlockAction", @@ -1714,6 +1810,57 @@ }, "type": "object" }, + "CertAuthorityInstalledEvent": { + "description": "A new root certificate was installed into the system's trusted credential storage. This is available device-wide on fully managed devices and within the work profile on organization-owned devices with a work profile.", + "id": "CertAuthorityInstalledEvent", + "properties": { + "certificate": { + "description": "Subject of the certificate.", + "type": "string" + }, + "success": { + "description": "Whether the installation event succeeded.", + "type": "boolean" + }, + "userId": { + "description": "The user in which the certificate install event happened. Only available for devices running Android 11 and above.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "CertAuthorityRemovedEvent": { + "description": "A root certificate was removed from the system's trusted credential storage. This is available device-wide on fully managed devices and within the work profile on organization-owned devices with a work profile.", + "id": "CertAuthorityRemovedEvent", + "properties": { + "certificate": { + "description": "Subject of the certificate.", + "type": "string" + }, + "success": { + "description": "Whether the removal succeeded.", + "type": "boolean" + }, + "userId": { + "description": "The user in which the certificate removal event occurred. Only available for devices running Android 11 and above.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "CertValidationFailureEvent": { + "description": "An X.509v3 certificate failed to validate, currently this validation is performed on the Wi-FI access point and failure may be due to a mismatch upon server certificate validation. However it may in the future include other validation events of an X.509v3 certificate.", + "id": "CertValidationFailureEvent", + "properties": { + "failureReason": { + "description": "The reason why certification validation failed.", + "type": "string" + } + }, + "type": "object" + }, "ChoosePrivateKeyRule": { "description": "Controls apps' access to private keys. The rule determines which private key, if any, Android Device Policy grants to the specified app. Access is granted either when the app calls KeyChain.choosePrivateKeyAlias (https://developer.android.com/reference/android/security/KeyChain#choosePrivateKeyAlias%28android.app.Activity,%20android.security.KeyChainAliasCallback,%20java.lang.String[],%20java.security.Principal[],%20java.lang.String,%20int,%20java.lang.String%29) (or any overloads) to request a private key alias for a given URL, or for rules that are not URL-specific (that is, if urlPattern is not set, or set to the empty string or .*) on Android 11 and above, directly so that the app can call KeyChain.getPrivateKey (https://developer.android.com/reference/android/security/KeyChain#getPrivateKey%28android.content.Context,%20java.lang.String%29), without first having to call KeyChain.choosePrivateKeyAlias.When an app calls KeyChain.choosePrivateKeyAlias if more than one choosePrivateKeyRules matches, the last matching rule defines which key alias to return.", "id": "ChoosePrivateKeyRule", @@ -1904,6 +2051,26 @@ }, "type": "object" }, + "ConnectEvent": { + "description": "A TCP connect event was initiated through the standard network stack.", + "id": "ConnectEvent", + "properties": { + "destinationIpAddress": { + "description": "The destination IP address of the connect call.", + "type": "string" + }, + "destinationPort": { + "description": "The destination port of the connect call.", + "format": "int32", + "type": "integer" + }, + "packageName": { + "description": "The package name of the UID that performed the connect call.", + "type": "string" + } + }, + "type": "object" + }, "ContactInfo": { "description": "Contact details for managed Google Play enterprises.", "id": "ContactInfo", @@ -2012,6 +2179,17 @@ }, "type": "object" }, + "CryptoSelfTestCompletedEvent": { + "description": "Validates whether Android’s built-in cryptographic library (BoringSSL) is valid. Should always succeed on device boot, if it fails, the device should be considered untrusted.", + "id": "CryptoSelfTestCompletedEvent", + "properties": { + "success": { + "description": "Whether the test succeeded.", + "type": "boolean" + } + }, + "type": "object" + }, "Date": { "description": "Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: A full date, with non-zero year, month, and day values. A month and day, with a zero year (for example, an anniversary). A year on its own, with a zero month and a zero day. A year and month, with a zero day (for example, a credit card expiration date).Related types: google.type.TimeOfDay google.type.DateTime google.protobuf.Timestamp", "id": "Date", @@ -2369,6 +2547,33 @@ }, "type": "object" }, + "DnsEvent": { + "description": "A DNS lookup event was initiated through the standard network stack.", + "id": "DnsEvent", + "properties": { + "hostname": { + "description": "The hostname that was looked up.", + "type": "string" + }, + "ipAddresses": { + "description": "The (possibly truncated) list of the IP addresses returned for DNS lookup (max 10 IPv4 or IPv6 addresses).", + "items": { + "type": "string" + }, + "type": "array" + }, + "packageName": { + "description": "The package name of the UID that performed the DNS lookup.", + "type": "string" + }, + "totalIpAddressesReturned": { + "description": "The number of IP addresses returned from the DNS lookup event. May be higher than the amount of ip_addresses if there were too many addresses to log.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, "Empty": { "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } ", "id": "Empty", @@ -2540,6 +2745,28 @@ }, "type": "object" }, + "FilePulledEvent": { + "description": "A file was downloaded from the device.", + "id": "FilePulledEvent", + "properties": { + "filePath": { + "description": "The path of the file being pulled.", + "type": "string" + } + }, + "type": "object" + }, + "FilePushedEvent": { + "description": "A file was uploaded onto the device.", + "id": "FilePushedEvent", + "properties": { + "filePath": { + "description": "The path of the file being pushed.", + "type": "string" + } + }, + "type": "object" + }, "FreezePeriod": { "description": "A system freeze period. When a device’s clock is within the freeze period, all incoming system updates (including security patches) are blocked and won’t be installed. When a device is outside the freeze period, normal update behavior applies. Leap years are ignored in freeze period calculations, in particular: * If Feb. 29th is set as the start or end date of a freeze period, the freeze period will start or end on Feb. 28th instead. * When a device’s system clock reads Feb. 29th, it’s treated as Feb. 28th. * When calculating the number of days in a freeze period or the time between two freeze periods, Feb. 29th is ignored and not counted as a day.", "id": "FreezePeriod", @@ -2721,6 +2948,82 @@ "properties": {}, "type": "object" }, + "KeyDestructionEvent": { + "description": "A cryptographic key including user installed, admin installed and system maintained private key is removed from the device either by the user or management. This is available device-wide on fully managed devices and within the work profile on organization-owned devices with a work profile.", + "id": "KeyDestructionEvent", + "properties": { + "applicationUid": { + "description": "UID of the application which owns the key.", + "format": "int32", + "type": "integer" + }, + "keyAlias": { + "description": "Alias of the key.", + "type": "string" + }, + "success": { + "description": "Whether the operation was successful.", + "type": "boolean" + } + }, + "type": "object" + }, + "KeyGeneratedEvent": { + "description": "A cryptographic key including user installed, admin installed and system maintained private key is installed on the device either by the user or management.This is available device-wide on fully managed devices and within the work profile on organization-owned devices with a work profile.", + "id": "KeyGeneratedEvent", + "properties": { + "applicationUid": { + "description": "UID of the application which generated the key.", + "format": "int32", + "type": "integer" + }, + "keyAlias": { + "description": "Alias of the key.", + "type": "string" + }, + "success": { + "description": "Whether the operation was successful.", + "type": "boolean" + } + }, + "type": "object" + }, + "KeyImportEvent": { + "description": "A cryptographic key including user installed, admin installed and system maintained private key is imported on the device either by the user or management. This is available device-wide on fully managed devices and within the work profile on organization-owned devices with a work profile.", + "id": "KeyImportEvent", + "properties": { + "applicationUid": { + "description": "UID of the application which imported the key", + "format": "int32", + "type": "integer" + }, + "keyAlias": { + "description": "Alias of the key.", + "type": "string" + }, + "success": { + "description": "Whether the operation was successful.", + "type": "boolean" + } + }, + "type": "object" + }, + "KeyIntegrityViolationEvent": { + "description": "A cryptographic key including user installed, admin installed and system maintained private key is determined to be corrupted due to storage corruption, hardware failure or some OS issue. This is available device-wide on fully managed devices and within the work profile on organization-owned devices with a work profile.", + "id": "KeyIntegrityViolationEvent", + "properties": { + "applicationUid": { + "description": "UID of the application which owns the key", + "format": "int32", + "type": "integer" + }, + "keyAlias": { + "description": "Alias of the key.", + "type": "string" + } + }, + "type": "object" + }, "KeyedAppState": { "description": "Keyed app state reported by the app.", "id": "KeyedAppState", @@ -2764,6 +3067,33 @@ }, "type": "object" }, + "KeyguardDismissAuthAttemptEvent": { + "description": "An attempt was made to unlock the device.", + "id": "KeyguardDismissAuthAttemptEvent", + "properties": { + "strongAuthMethodUsed": { + "description": "Whether a strong form of authentication (password, PIN, or pattern) was used to unlock device.", + "type": "boolean" + }, + "success": { + "description": "Whether the unlock attempt was successful.", + "type": "boolean" + } + }, + "type": "object" + }, + "KeyguardDismissedEvent": { + "description": "The keyguard was dismissed. Intentionally empty.", + "id": "KeyguardDismissedEvent", + "properties": {}, + "type": "object" + }, + "KeyguardSecuredEvent": { + "description": "The device was locked either by user or timeout. Intentionally empty.", + "id": "KeyguardSecuredEvent", + "properties": {}, + "type": "object" + }, "KioskCustomization": { "description": "Settings controlling the behavior of a device in kiosk mode. To enable kiosk mode, set kioskCustomLauncherEnabled to true or specify an app in the policy with installType KIOSK.", "id": "KioskCustomization", @@ -2964,6 +3294,24 @@ }, "type": "object" }, + "LogBufferSizeCriticalEvent": { + "description": "The usageLog buffer on the device has reached 90% of its capacity, therefore older events may be dropped. Intentionally empty.", + "id": "LogBufferSizeCriticalEvent", + "properties": {}, + "type": "object" + }, + "LoggingStartedEvent": { + "description": "usageLog policy has been enabled. Intentionally empty.", + "id": "LoggingStartedEvent", + "properties": {}, + "type": "object" + }, + "LoggingStoppedEvent": { + "description": "usageLog policy has been disabled. Intentionally empty.", + "id": "LoggingStoppedEvent", + "properties": {}, + "type": "object" + }, "ManagedConfigurationTemplate": { "description": "The managed configurations template for the app, saved from the managed configurations iframe.", "id": "ManagedConfigurationTemplate", @@ -3060,6 +3408,36 @@ }, "type": "object" }, + "MediaMountEvent": { + "description": "Removable media was mounted.", + "id": "MediaMountEvent", + "properties": { + "mountPoint": { + "description": "Mount point.", + "type": "string" + }, + "volumeLabel": { + "description": "Volume label. Redacted to empty string on organization-owned managed profile devices.", + "type": "string" + } + }, + "type": "object" + }, + "MediaUnmountEvent": { + "description": "Removable media was unmounted.", + "id": "MediaUnmountEvent", + "properties": { + "mountPoint": { + "description": "Mount point.", + "type": "string" + }, + "volumeLabel": { + "description": "Volume label. Redacted to empty string on organization-owned managed profile devices.", + "type": "string" + } + }, + "type": "object" + }, "MemoryEvent": { "description": "An event related to memory and storage measurements.", "id": "MemoryEvent", @@ -3358,6 +3736,51 @@ }, "type": "object" }, + "OsShutdownEvent": { + "description": "Device was shutdown. Intentionally empty.", + "id": "OsShutdownEvent", + "properties": {}, + "type": "object" + }, + "OsStartupEvent": { + "description": "Device was started.", + "id": "OsStartupEvent", + "properties": { + "verifiedBootState": { + "description": "Verified Boot state.", + "enum": [ + "VERIFIED_BOOT_STATE_UNSPECIFIED", + "GREEN", + "YELLOW", + "ORANGE" + ], + "enumDescriptions": [ + "Unknown value.", + "Indicates that there is a full chain of trust extending from the bootloader to verified partitions including the bootloader, boot partition, and all verified partitions.", + "Indicates that the boot partition has been verified using the embedded certificate and the signature is valid.", + "Indicates that the device may be freely modified. Device integrity is left to the user to verify out-of-band." + ], + "type": "string" + }, + "verityMode": { + "description": "dm-verity mode.", + "enum": [ + "DM_VERITY_MODE_UNSPECIFIED", + "ENFORCING", + "IO_ERROR", + "DISABLED" + ], + "enumDescriptions": [ + "Unknown value.", + "Indicates that the device will be restarted when corruption is detected.", + "Indicates that an I/O error will be returned for an attempt to read corrupted data blocks (also known as eio boot state).", + "Indicates that dm-verity is disabled on device." + ], + "type": "string" + } + }, + "type": "object" + }, "PackageNameList": { "description": "A list of package names.", "id": "PackageNameList", @@ -4357,6 +4780,27 @@ }, "type": "object" }, + "RemoteLockEvent": { + "description": "The device or profile has been remotely locked via the LOCK command.", + "id": "RemoteLockEvent", + "properties": { + "adminPackageName": { + "description": "Package name of the admin app requesting the change.", + "type": "string" + }, + "adminUserId": { + "description": "User ID of the admin app from the which the change was requested.", + "format": "int32", + "type": "integer" + }, + "targetUserId": { + "description": "User ID in which the change was requested in.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, "SecurityPosture": { "description": "The security posture of the device, as determined by the current device state and the policies applied.", "id": "SecurityPosture", @@ -4714,8 +5158,8 @@ ], "enumDescriptions": [ "This value is not used.", - "Enable logging of on-device security events, like when the device password is incorrectly entered or removable storage is mounted. See event for a complete description of the logged security events. Supported for fully managed devices on Android 7 and above. Supported for company-owned devices with a work profile on Android 12 and above, on which only security events from the work profile are logged.", - "Enable logging of on-device network events, like DNS lookups and TCP connections. See event for a complete description of the logged network events. Supported for fully managed devices on Android 8 and above. Supported for company-owned devices with a work profile on Android 12 and above, on which only network events from the work profile are logged." + "Enable logging of on-device security events, like when the device password is incorrectly entered or removable storage is mounted. See UsageLogEvent for a complete description of the logged security events. Supported for fully managed devices on Android 7 and above. Supported for company-owned devices with a work profile on Android 12 and above, on which only security events from the work profile are logged.", + "Enable logging of on-device network events, like DNS lookups and TCP connections. See UsageLogEvent for a complete description of the logged network events. Supported for fully managed devices on Android 8 and above. Supported for company-owned devices with a work profile on Android 12 and above, on which only network events from the work profile are logged." ], "type": "string" }, @@ -4731,8 +5175,8 @@ ], "enumDescriptions": [ "This value is not used.", - "Enable logging of on-device security events, like when the device password is incorrectly entered or removable storage is mounted. See event for a complete description of the logged security events. Supported for fully managed devices on Android 7 and above. Supported for company-owned devices with a work profile on Android 12 and above, on which only security events from the work profile are logged.", - "Enable logging of on-device network events, like DNS lookups and TCP connections. See event for a complete description of the logged network events. Supported for fully managed devices on Android 8 and above. Supported for company-owned devices with a work profile on Android 12 and above, on which only network events from the work profile are logged." + "Enable logging of on-device security events, like when the device password is incorrectly entered or removable storage is mounted. See UsageLogEvent for a complete description of the logged security events. Supported for fully managed devices on Android 7 and above. Supported for company-owned devices with a work profile on Android 12 and above, on which only security events from the work profile are logged.", + "Enable logging of on-device network events, like DNS lookups and TCP connections. See UsageLogEvent for a complete description of the logged network events. Supported for fully managed devices on Android 8 and above. Supported for company-owned devices with a work profile on Android 12 and above, on which only network events from the work profile are logged." ], "type": "string" }, @@ -4741,6 +5185,195 @@ }, "type": "object" }, + "UsageLogEvent": { + "description": "An event logged on the device.", + "id": "UsageLogEvent", + "properties": { + "adbShellCommandEvent": { + "$ref": "AdbShellCommandEvent", + "description": "A shell command was issued over ADB via “adb shell command”. Part of SECURITY_LOGS." + }, + "adbShellInteractiveEvent": { + "$ref": "AdbShellInteractiveEvent", + "description": "An ADB interactive shell was opened via “adb shell”. Part of SECURITY_LOGS." + }, + "appProcessStartEvent": { + "$ref": "AppProcessStartEvent", + "description": "An app process was started. Part of SECURITY_LOGS." + }, + "certAuthorityInstalledEvent": { + "$ref": "CertAuthorityInstalledEvent", + "description": "A new root certificate was installed into the system's trusted credential storage. Part of SECURITY_LOGS." + }, + "certAuthorityRemovedEvent": { + "$ref": "CertAuthorityRemovedEvent", + "description": "A root certificate was removed from the system's trusted credential storage. Part of SECURITY_LOGS." + }, + "certValidationFailureEvent": { + "$ref": "CertValidationFailureEvent", + "description": "An X.509v3 certificate failed to validate, currently this validation is performed on the Wi-FI access point and failure may be due to a mismatch upon server certificate validation. However it may in the future include other validation events of an X.509v3 certificate. Part of SECURITY_LOGS." + }, + "connectEvent": { + "$ref": "ConnectEvent", + "description": "A TCP connect event was initiated through the standard network stack. Part of NETWORK_LOGS." + }, + "cryptoSelfTestCompletedEvent": { + "$ref": "CryptoSelfTestCompletedEvent", + "description": "Validates whether Android’s built-in cryptographic library (BoringSSL) is valid. Should always succeed on device boot, if it fails, the device should be considered untrusted. Part of SECURITY_LOGS." + }, + "dnsEvent": { + "$ref": "DnsEvent", + "description": "A DNS lookup event was initiated through the standard network stack. Part of NETWORK_LOGS." + }, + "eventId": { + "description": "Unique id of the event.", + "format": "int64", + "type": "string" + }, + "eventTime": { + "description": "Device timestamp when the event was logged.", + "format": "google-datetime", + "type": "string" + }, + "eventType": { + "description": "The particular usage log event type that was reported on the device. Use this to determine which event field to access.", + "enum": [ + "EVENT_TYPE_UNSPECIFIED", + "ADB_SHELL_COMMAND", + "ADB_SHELL_INTERACTIVE", + "APP_PROCESS_START", + "KEYGUARD_DISMISSED", + "KEYGUARD_DISMISS_AUTH_ATTEMPT", + "KEYGUARD_SECURED", + "FILE_PULLED", + "FILE_PUSHED", + "CERT_AUTHORITY_INSTALLED", + "CERT_AUTHORITY_REMOVED", + "CERT_VALIDATION_FAILURE", + "CRYPTO_SELF_TEST_COMPLETED", + "KEY_DESTRUCTION", + "KEY_GENERATED", + "KEY_IMPORT", + "KEY_INTEGRITY_VIOLATION", + "LOGGING_STARTED", + "LOGGING_STOPPED", + "LOG_BUFFER_SIZE_CRITICAL", + "MEDIA_MOUNT", + "MEDIA_UNMOUNT", + "OS_SHUTDOWN", + "OS_STARTUP", + "REMOTE_LOCK", + "WIPE_FAILURE", + "CONNECT", + "DNS" + ], + "enumDescriptions": [ + "This value is not used", + "Indicates adb_shell_command_event has been set.", + "Indicates adb_shell_interactive_event has been set.", + "Indicates app_process_start_event has been set.", + "Indicates keyguard_dismissed_event has been set.", + "Indicates keyguard_dismiss_auth_attempt_event has been set.", + "Indicates keyguard_secured_event has been set.", + "Indicates file_pulled_event has been set.", + "Indicates file_pushed_event has been set.", + "Indicates cert_authority_installed_event has been set.", + "Indicates cert_authority_removed_event has been set.", + "Indicates cert_validation_failure_event has been set.", + "Indicates crypto_self_test_completed_event has been set.", + "Indicates key_destruction_event has been set.", + "Indicates key_generated_event has been set.", + "Indicates key_import_event has been set.", + "Indicates key_integrity_violation_event has been set.", + "Indicates logging_started_event has been set.", + "Indicates logging_stopped_event has been set.", + "Indicates log_buffer_size_critical_event has been set.", + "Indicates media_mount_event has been set.", + "Indicates media_unmount_event has been set.", + "Indicates os_shutdown_event has been set.", + "Indicates os_startup_event has been set.", + "Indicates remote_lock_event has been set.", + "Indicates wipe_failure_event has been set.", + "Indicates connect_event has been set.", + "Indicates dns_event has been set." + ], + "type": "string" + }, + "filePulledEvent": { + "$ref": "FilePulledEvent", + "description": "A file was downloaded from the device. Part of SECURITY_LOGS." + }, + "filePushedEvent": { + "$ref": "FilePushedEvent", + "description": "A file was uploaded onto the device. Part of SECURITY_LOGS." + }, + "keyDestructionEvent": { + "$ref": "KeyDestructionEvent", + "description": "A cryptographic key including user installed, admin installed and system maintained private key is removed from the device either by the user or management. Part of SECURITY_LOGS." + }, + "keyGeneratedEvent": { + "$ref": "KeyGeneratedEvent", + "description": "A cryptographic key including user installed, admin installed and system maintained private key is installed on the device either by the user or management. Part of SECURITY_LOGS." + }, + "keyImportEvent": { + "$ref": "KeyImportEvent", + "description": "A cryptographic key including user installed, admin installed and system maintained private key is imported on the device either by the user or management. Part of SECURITY_LOGS." + }, + "keyIntegrityViolationEvent": { + "$ref": "KeyIntegrityViolationEvent", + "description": "A cryptographic key including user installed, admin installed and system maintained private key is determined to be corrupted due to storage corruption, hardware failure or some OS issue. Part of SECURITY_LOGS." + }, + "keyguardDismissAuthAttemptEvent": { + "$ref": "KeyguardDismissAuthAttemptEvent", + "description": "An attempt was made to unlock the device. Part of SECURITY_LOGS." + }, + "keyguardDismissedEvent": { + "$ref": "KeyguardDismissedEvent", + "description": "The keyguard was dismissed. Part of SECURITY_LOGS." + }, + "keyguardSecuredEvent": { + "$ref": "KeyguardSecuredEvent", + "description": "The device was locked either by user or timeout. Part of SECURITY_LOGS." + }, + "logBufferSizeCriticalEvent": { + "$ref": "LogBufferSizeCriticalEvent", + "description": "The audit log buffer has reached 90% of its capacity, therefore older events may be dropped. Part of SECURITY_LOGS." + }, + "loggingStartedEvent": { + "$ref": "LoggingStartedEvent", + "description": "usageLog policy has been enabled. Part of SECURITY_LOGS." + }, + "loggingStoppedEvent": { + "$ref": "LoggingStoppedEvent", + "description": "usageLog policy has been disabled. Part of SECURITY_LOGS." + }, + "mediaMountEvent": { + "$ref": "MediaMountEvent", + "description": "Removable media was mounted. Part of SECURITY_LOGS." + }, + "mediaUnmountEvent": { + "$ref": "MediaUnmountEvent", + "description": "Removable media was unmounted. Part of SECURITY_LOGS." + }, + "osShutdownEvent": { + "$ref": "OsShutdownEvent", + "description": "Device was shutdown. Part of SECURITY_LOGS." + }, + "osStartupEvent": { + "$ref": "OsStartupEvent", + "description": "Device was started. Part of SECURITY_LOGS." + }, + "remoteLockEvent": { + "$ref": "RemoteLockEvent", + "description": "The device or profile has been remotely locked via the LOCK command. Part of SECURITY_LOGS." + }, + "wipeFailureEvent": { + "$ref": "WipeFailureEvent", + "description": "The work profile or company-owned device failed to wipe when when requested. This could be user initiated or admin initiated e.g. delete was received. Part of SECURITY_LOGS." + } + }, + "type": "object" + }, "User": { "description": "A user belonging to an enterprise.", "id": "User", @@ -4902,6 +5535,12 @@ } }, "type": "object" + }, + "WipeFailureEvent": { + "description": "The work profile or company-owned device failed to wipe when when requested. This could be user initiated or admin initiated e.g. delete was received. Intentionally empty.", + "id": "WipeFailureEvent", + "properties": {}, + "type": "object" } }, "servicePath": "", diff --git a/androidmanagement/v1/androidmanagement-gen.go b/androidmanagement/v1/androidmanagement-gen.go index cf8a8837296..6e28fd5f311 100644 --- a/androidmanagement/v1/androidmanagement-gen.go +++ b/androidmanagement/v1/androidmanagement-gen.go @@ -241,6 +241,42 @@ type SignupUrlsService struct { s *Service } +// AdbShellCommandEvent: A shell command was issued over ADB via “adb +// shell command”. +type AdbShellCommandEvent struct { + // ShellCmd: Shell command that was issued over ADB via "adb shell + // command". Redacted to empty string on organization-owned managed + // profile devices. + ShellCmd string `json:"shellCmd,omitempty"` + + // ForceSendFields is a list of field names (e.g. "ShellCmd") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "ShellCmd") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *AdbShellCommandEvent) MarshalJSON() ([]byte, error) { + type NoMethod AdbShellCommandEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// AdbShellInteractiveEvent: An ADB interactive shell was opened via +// “adb shell”. Intentionally empty. +type AdbShellInteractiveEvent struct { +} + // AdvancedSecurityOverrides: Security policies set to secure values by // default. To maintain the security posture of a device, we don't // recommend overriding any of the default values. @@ -401,6 +437,87 @@ func (s *ApiLevelCondition) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// AppProcessInfo: Information about a process. It contains process +// name, start time, app Uid, app Pid, seinfo tag, hash of the base APK. +type AppProcessInfo struct { + // ApkSha256Hash: SHA-256 hash of the base APK, in hexadecimal format. + ApkSha256Hash string `json:"apkSha256Hash,omitempty"` + + // PackageNames: Package names of all packages that are associated with + // the particular user id. In most cases, this will be a single package + // name, the package that has been assigned that user id. If multiple + // application share a uid then all packages sharing uid will be + // included. + PackageNames []string `json:"packageNames,omitempty"` + + // Pid: Process ID. + Pid int64 `json:"pid,omitempty"` + + // ProcessName: Process name. + ProcessName string `json:"processName,omitempty"` + + // Seinfo: SELinux policy info. + Seinfo string `json:"seinfo,omitempty"` + + // StartTime: Process start time. + StartTime string `json:"startTime,omitempty"` + + // Uid: UID of the package. + Uid int64 `json:"uid,omitempty"` + + // ForceSendFields is a list of field names (e.g. "ApkSha256Hash") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "ApkSha256Hash") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *AppProcessInfo) MarshalJSON() ([]byte, error) { + type NoMethod AppProcessInfo + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// AppProcessStartEvent: An app process was started. This is available +// device-wide on fully managed devices and within the work profile on +// organization-owned devices with a work profile. +type AppProcessStartEvent struct { + // ProcessInfo: Information about a process. + ProcessInfo *AppProcessInfo `json:"processInfo,omitempty"` + + // ForceSendFields is a list of field names (e.g. "ProcessInfo") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "ProcessInfo") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *AppProcessStartEvent) MarshalJSON() ([]byte, error) { + type NoMethod AppProcessStartEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // AppTrackInfo: Id to name association of a app track. type AppTrackInfo struct { // TrackAlias: The track name associated with the trackId, set in the @@ -1000,6 +1117,47 @@ func (s *ApplicationReportingSettings) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// BatchUsageLogEvents: Batched event logs of events from the device. +type BatchUsageLogEvents struct { + // Device: The name of the device in the form + // ‘enterprises/{enterpriseId}/devices/{deviceId}’ + Device string `json:"device,omitempty"` + + // RetrievalTime: The device timestamp when the batch of events were + // collected from the device. + RetrievalTime string `json:"retrievalTime,omitempty"` + + // UsageLogEvents: The list of UsageLogEvent that were reported by the + // device, sorted chronologically by the event time. + UsageLogEvents []*UsageLogEvent `json:"usageLogEvents,omitempty"` + + // User: The resource name of the user that owns this device in the form + // ‘enterprises/{enterpriseId}/users/{userId}’. + User string `json:"user,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Device") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Device") to include in API + // requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *BatchUsageLogEvents) MarshalJSON() ([]byte, error) { + type NoMethod BatchUsageLogEvents + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // BlockAction: An action to block access to apps and data on a fully // managed device or in a work profile. This action also triggers a // device or work profile to displays a user-facing notification with @@ -1047,6 +1205,114 @@ func (s *BlockAction) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// CertAuthorityInstalledEvent: A new root certificate was installed +// into the system's trusted credential storage. This is available +// device-wide on fully managed devices and within the work profile on +// organization-owned devices with a work profile. +type CertAuthorityInstalledEvent struct { + // Certificate: Subject of the certificate. + Certificate string `json:"certificate,omitempty"` + + // Success: Whether the installation event succeeded. + Success bool `json:"success,omitempty"` + + // UserId: The user in which the certificate install event happened. + // Only available for devices running Android 11 and above. + UserId int64 `json:"userId,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Certificate") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Certificate") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *CertAuthorityInstalledEvent) MarshalJSON() ([]byte, error) { + type NoMethod CertAuthorityInstalledEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// CertAuthorityRemovedEvent: A root certificate was removed from the +// system's trusted credential storage. This is available device-wide on +// fully managed devices and within the work profile on +// organization-owned devices with a work profile. +type CertAuthorityRemovedEvent struct { + // Certificate: Subject of the certificate. + Certificate string `json:"certificate,omitempty"` + + // Success: Whether the removal succeeded. + Success bool `json:"success,omitempty"` + + // UserId: The user in which the certificate removal event occurred. + // Only available for devices running Android 11 and above. + UserId int64 `json:"userId,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Certificate") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Certificate") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *CertAuthorityRemovedEvent) MarshalJSON() ([]byte, error) { + type NoMethod CertAuthorityRemovedEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// CertValidationFailureEvent: An X.509v3 certificate failed to +// validate, currently this validation is performed on the Wi-FI access +// point and failure may be due to a mismatch upon server certificate +// validation. However it may in the future include other validation +// events of an X.509v3 certificate. +type CertValidationFailureEvent struct { + // FailureReason: The reason why certification validation failed. + FailureReason string `json:"failureReason,omitempty"` + + // ForceSendFields is a list of field names (e.g. "FailureReason") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "FailureReason") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *CertValidationFailureEvent) MarshalJSON() ([]byte, error) { + type NoMethod CertValidationFailureEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // ChoosePrivateKeyRule: Controls apps' access to private keys. The rule // determines which private key, if any, Android Device Policy grants to // the specified app. Access is granted either when the app calls @@ -1363,6 +1629,44 @@ func (s *ComplianceRule) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// ConnectEvent: A TCP connect event was initiated through the standard +// network stack. +type ConnectEvent struct { + // DestinationIpAddress: The destination IP address of the connect call. + DestinationIpAddress string `json:"destinationIpAddress,omitempty"` + + // DestinationPort: The destination port of the connect call. + DestinationPort int64 `json:"destinationPort,omitempty"` + + // PackageName: The package name of the UID that performed the connect + // call. + PackageName string `json:"packageName,omitempty"` + + // ForceSendFields is a list of field names (e.g. + // "DestinationIpAddress") to unconditionally include in API requests. + // By default, fields with empty or default values are omitted from API + // requests. However, any non-pointer, non-interface field appearing in + // ForceSendFields will be sent to the server regardless of whether the + // field is empty or not. This may be used to include empty fields in + // Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "DestinationIpAddress") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *ConnectEvent) MarshalJSON() ([]byte, error) { + type NoMethod ConnectEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // ContactInfo: Contact details for managed Google Play enterprises. type ContactInfo struct { // ContactEmail: Email address for a point of contact, which will be @@ -1526,6 +1830,36 @@ func (s *CrossProfilePolicies) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// CryptoSelfTestCompletedEvent: Validates whether Android’s built-in +// cryptographic library (BoringSSL) is valid. Should always succeed on +// device boot, if it fails, the device should be considered untrusted. +type CryptoSelfTestCompletedEvent struct { + // Success: Whether the test succeeded. + Success bool `json:"success,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Success") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Success") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *CryptoSelfTestCompletedEvent) MarshalJSON() ([]byte, error) { + type NoMethod CryptoSelfTestCompletedEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // Date: Represents a whole or partial calendar date, such as a // birthday. The time of day and time zone are either specified // elsewhere or are insignificant. The date is relative to the Gregorian @@ -1917,6 +2251,48 @@ func (s *Display) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// DnsEvent: A DNS lookup event was initiated through the standard +// network stack. +type DnsEvent struct { + // Hostname: The hostname that was looked up. + Hostname string `json:"hostname,omitempty"` + + // IpAddresses: The (possibly truncated) list of the IP addresses + // returned for DNS lookup (max 10 IPv4 or IPv6 addresses). + IpAddresses []string `json:"ipAddresses,omitempty"` + + // PackageName: The package name of the UID that performed the DNS + // lookup. + PackageName string `json:"packageName,omitempty"` + + // TotalIpAddressesReturned: The number of IP addresses returned from + // the DNS lookup event. May be higher than the amount of ip_addresses + // if there were too many addresses to log. + TotalIpAddressesReturned int64 `json:"totalIpAddressesReturned,omitempty,string"` + + // ForceSendFields is a list of field names (e.g. "Hostname") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Hostname") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *DnsEvent) MarshalJSON() ([]byte, error) { + type NoMethod DnsEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // Empty: A generic empty message that you can re-use to avoid defining // duplicated empty messages in your APIs. A typical example is to use // it as the request or the response type of an API method. For @@ -2199,6 +2575,62 @@ func (s *ExternalData) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// FilePulledEvent: A file was downloaded from the device. +type FilePulledEvent struct { + // FilePath: The path of the file being pulled. + FilePath string `json:"filePath,omitempty"` + + // ForceSendFields is a list of field names (e.g. "FilePath") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "FilePath") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *FilePulledEvent) MarshalJSON() ([]byte, error) { + type NoMethod FilePulledEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// FilePushedEvent: A file was uploaded onto the device. +type FilePushedEvent struct { + // FilePath: The path of the file being pushed. + FilePath string `json:"filePath,omitempty"` + + // ForceSendFields is a list of field names (e.g. "FilePath") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "FilePath") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *FilePushedEvent) MarshalJSON() ([]byte, error) { + type NoMethod FilePushedEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // FreezePeriod: A system freeze period. When a device’s clock is // within the freeze period, all incoming system updates (including // security patches) are blocked and won’t be installed. When a device @@ -2327,53 +2759,175 @@ type HardwareInfo struct { NullFields []string `json:"-"` } -func (s *HardwareInfo) MarshalJSON() ([]byte, error) { - type NoMethod HardwareInfo +func (s *HardwareInfo) MarshalJSON() ([]byte, error) { + type NoMethod HardwareInfo + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// HardwareStatus: Hardware status. Temperatures may be compared to the +// temperature thresholds available in hardwareInfo to determine +// hardware health. +type HardwareStatus struct { + // BatteryTemperatures: Current battery temperatures in Celsius for each + // battery on the device. + BatteryTemperatures []float64 `json:"batteryTemperatures,omitempty"` + + // CpuTemperatures: Current CPU temperatures in Celsius for each CPU on + // the device. + CpuTemperatures []float64 `json:"cpuTemperatures,omitempty"` + + // CpuUsages: CPU usages in percentage for each core available on the + // device. Usage is 0 for each unplugged core. Empty array implies that + // CPU usage is not supported in the system. + CpuUsages []float64 `json:"cpuUsages,omitempty"` + + // CreateTime: The time the measurements were taken. + CreateTime string `json:"createTime,omitempty"` + + // FanSpeeds: Fan speeds in RPM for each fan on the device. Empty array + // means that there are no fans or fan speed is not supported on the + // system. + FanSpeeds []float64 `json:"fanSpeeds,omitempty"` + + // GpuTemperatures: Current GPU temperatures in Celsius for each GPU on + // the device. + GpuTemperatures []float64 `json:"gpuTemperatures,omitempty"` + + // SkinTemperatures: Current device skin temperatures in Celsius. + SkinTemperatures []float64 `json:"skinTemperatures,omitempty"` + + // ForceSendFields is a list of field names (e.g. "BatteryTemperatures") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "BatteryTemperatures") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *HardwareStatus) MarshalJSON() ([]byte, error) { + type NoMethod HardwareStatus + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// IssueCommandResponse: Response on issuing a command. This is +// currently empty as a placeholder. +type IssueCommandResponse struct { +} + +// KeyDestructionEvent: A cryptographic key including user installed, +// admin installed and system maintained private key is removed from the +// device either by the user or management. This is available +// device-wide on fully managed devices and within the work profile on +// organization-owned devices with a work profile. +type KeyDestructionEvent struct { + // ApplicationUid: UID of the application which owns the key. + ApplicationUid int64 `json:"applicationUid,omitempty"` + + // KeyAlias: Alias of the key. + KeyAlias string `json:"keyAlias,omitempty"` + + // Success: Whether the operation was successful. + Success bool `json:"success,omitempty"` + + // ForceSendFields is a list of field names (e.g. "ApplicationUid") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "ApplicationUid") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *KeyDestructionEvent) MarshalJSON() ([]byte, error) { + type NoMethod KeyDestructionEvent raw := NoMethod(*s) return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// HardwareStatus: Hardware status. Temperatures may be compared to the -// temperature thresholds available in hardwareInfo to determine -// hardware health. -type HardwareStatus struct { - // BatteryTemperatures: Current battery temperatures in Celsius for each - // battery on the device. - BatteryTemperatures []float64 `json:"batteryTemperatures,omitempty"` +// KeyGeneratedEvent: A cryptographic key including user installed, +// admin installed and system maintained private key is installed on the +// device either by the user or management.This is available device-wide +// on fully managed devices and within the work profile on +// organization-owned devices with a work profile. +type KeyGeneratedEvent struct { + // ApplicationUid: UID of the application which generated the key. + ApplicationUid int64 `json:"applicationUid,omitempty"` - // CpuTemperatures: Current CPU temperatures in Celsius for each CPU on - // the device. - CpuTemperatures []float64 `json:"cpuTemperatures,omitempty"` + // KeyAlias: Alias of the key. + KeyAlias string `json:"keyAlias,omitempty"` - // CpuUsages: CPU usages in percentage for each core available on the - // device. Usage is 0 for each unplugged core. Empty array implies that - // CPU usage is not supported in the system. - CpuUsages []float64 `json:"cpuUsages,omitempty"` + // Success: Whether the operation was successful. + Success bool `json:"success,omitempty"` - // CreateTime: The time the measurements were taken. - CreateTime string `json:"createTime,omitempty"` + // ForceSendFields is a list of field names (e.g. "ApplicationUid") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` - // FanSpeeds: Fan speeds in RPM for each fan on the device. Empty array - // means that there are no fans or fan speed is not supported on the - // system. - FanSpeeds []float64 `json:"fanSpeeds,omitempty"` + // NullFields is a list of field names (e.g. "ApplicationUid") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} - // GpuTemperatures: Current GPU temperatures in Celsius for each GPU on - // the device. - GpuTemperatures []float64 `json:"gpuTemperatures,omitempty"` +func (s *KeyGeneratedEvent) MarshalJSON() ([]byte, error) { + type NoMethod KeyGeneratedEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} - // SkinTemperatures: Current device skin temperatures in Celsius. - SkinTemperatures []float64 `json:"skinTemperatures,omitempty"` +// KeyImportEvent: A cryptographic key including user installed, admin +// installed and system maintained private key is imported on the device +// either by the user or management. This is available device-wide on +// fully managed devices and within the work profile on +// organization-owned devices with a work profile. +type KeyImportEvent struct { + // ApplicationUid: UID of the application which imported the key + ApplicationUid int64 `json:"applicationUid,omitempty"` - // ForceSendFields is a list of field names (e.g. "BatteryTemperatures") - // to unconditionally include in API requests. By default, fields with + // KeyAlias: Alias of the key. + KeyAlias string `json:"keyAlias,omitempty"` + + // Success: Whether the operation was successful. + Success bool `json:"success,omitempty"` + + // ForceSendFields is a list of field names (e.g. "ApplicationUid") to + // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "BatteryTemperatures") to + // NullFields is a list of field names (e.g. "ApplicationUid") to // include in API requests with the JSON null value. By default, fields // with empty values are omitted from API requests. However, any field // with an empty value appearing in NullFields will be sent to the @@ -2383,15 +2937,47 @@ type HardwareStatus struct { NullFields []string `json:"-"` } -func (s *HardwareStatus) MarshalJSON() ([]byte, error) { - type NoMethod HardwareStatus +func (s *KeyImportEvent) MarshalJSON() ([]byte, error) { + type NoMethod KeyImportEvent raw := NoMethod(*s) return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// IssueCommandResponse: Response on issuing a command. This is -// currently empty as a placeholder. -type IssueCommandResponse struct { +// KeyIntegrityViolationEvent: A cryptographic key including user +// installed, admin installed and system maintained private key is +// determined to be corrupted due to storage corruption, hardware +// failure or some OS issue. This is available device-wide on fully +// managed devices and within the work profile on organization-owned +// devices with a work profile. +type KeyIntegrityViolationEvent struct { + // ApplicationUid: UID of the application which owns the key + ApplicationUid int64 `json:"applicationUid,omitempty"` + + // KeyAlias: Alias of the key. + KeyAlias string `json:"keyAlias,omitempty"` + + // ForceSendFields is a list of field names (e.g. "ApplicationUid") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "ApplicationUid") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *KeyIntegrityViolationEvent) MarshalJSON() ([]byte, error) { + type NoMethod KeyIntegrityViolationEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } // KeyedAppState: Keyed app state reported by the app. @@ -2452,6 +3038,51 @@ func (s *KeyedAppState) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// KeyguardDismissAuthAttemptEvent: An attempt was made to unlock the +// device. +type KeyguardDismissAuthAttemptEvent struct { + // StrongAuthMethodUsed: Whether a strong form of authentication + // (password, PIN, or pattern) was used to unlock device. + StrongAuthMethodUsed bool `json:"strongAuthMethodUsed,omitempty"` + + // Success: Whether the unlock attempt was successful. + Success bool `json:"success,omitempty"` + + // ForceSendFields is a list of field names (e.g. + // "StrongAuthMethodUsed") to unconditionally include in API requests. + // By default, fields with empty or default values are omitted from API + // requests. However, any non-pointer, non-interface field appearing in + // ForceSendFields will be sent to the server regardless of whether the + // field is empty or not. This may be used to include empty fields in + // Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "StrongAuthMethodUsed") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *KeyguardDismissAuthAttemptEvent) MarshalJSON() ([]byte, error) { + type NoMethod KeyguardDismissAuthAttemptEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// KeyguardDismissedEvent: The keyguard was dismissed. Intentionally +// empty. +type KeyguardDismissedEvent struct { +} + +// KeyguardSecuredEvent: The device was locked either by user or +// timeout. Intentionally empty. +type KeyguardSecuredEvent struct { +} + // KioskCustomization: Settings controlling the behavior of a device in // kiosk mode. To enable kiosk mode, set kioskCustomLauncherEnabled to // true or specify an app in the policy with installType KIOSK. @@ -2798,6 +3429,22 @@ func (s *ListWebAppsResponse) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// LogBufferSizeCriticalEvent: The usageLog buffer on the device has +// reached 90% of its capacity, therefore older events may be dropped. +// Intentionally empty. +type LogBufferSizeCriticalEvent struct { +} + +// LoggingStartedEvent: usageLog policy has been enabled. Intentionally +// empty. +type LoggingStartedEvent struct { +} + +// LoggingStoppedEvent: usageLog policy has been disabled. Intentionally +// empty. +type LoggingStoppedEvent struct { +} + // ManagedConfigurationTemplate: The managed configurations template for // the app, saved from the managed configurations iframe. type ManagedConfigurationTemplate struct { @@ -2929,6 +3576,70 @@ func (s *ManagedPropertyEntry) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// MediaMountEvent: Removable media was mounted. +type MediaMountEvent struct { + // MountPoint: Mount point. + MountPoint string `json:"mountPoint,omitempty"` + + // VolumeLabel: Volume label. Redacted to empty string on + // organization-owned managed profile devices. + VolumeLabel string `json:"volumeLabel,omitempty"` + + // ForceSendFields is a list of field names (e.g. "MountPoint") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "MountPoint") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *MediaMountEvent) MarshalJSON() ([]byte, error) { + type NoMethod MediaMountEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// MediaUnmountEvent: Removable media was unmounted. +type MediaUnmountEvent struct { + // MountPoint: Mount point. + MountPoint string `json:"mountPoint,omitempty"` + + // VolumeLabel: Volume label. Redacted to empty string on + // organization-owned managed profile devices. + VolumeLabel string `json:"volumeLabel,omitempty"` + + // ForceSendFields is a list of field names (e.g. "MountPoint") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "MountPoint") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *MediaUnmountEvent) MarshalJSON() ([]byte, error) { + type NoMethod MediaUnmountEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // MemoryEvent: An event related to memory and storage measurements. type MemoryEvent struct { // ByteCount: The number of free bytes in the medium, or for @@ -3376,6 +4087,60 @@ func (s *Operation) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// OsShutdownEvent: Device was shutdown. Intentionally empty. +type OsShutdownEvent struct { +} + +// OsStartupEvent: Device was started. +type OsStartupEvent struct { + // VerifiedBootState: Verified Boot state. + // + // Possible values: + // "VERIFIED_BOOT_STATE_UNSPECIFIED" - Unknown value. + // "GREEN" - Indicates that there is a full chain of trust extending + // from the bootloader to verified partitions including the bootloader, + // boot partition, and all verified partitions. + // "YELLOW" - Indicates that the boot partition has been verified + // using the embedded certificate and the signature is valid. + // "ORANGE" - Indicates that the device may be freely modified. Device + // integrity is left to the user to verify out-of-band. + VerifiedBootState string `json:"verifiedBootState,omitempty"` + + // VerityMode: dm-verity mode. + // + // Possible values: + // "DM_VERITY_MODE_UNSPECIFIED" - Unknown value. + // "ENFORCING" - Indicates that the device will be restarted when + // corruption is detected. + // "IO_ERROR" - Indicates that an I/O error will be returned for an + // attempt to read corrupted data blocks (also known as eio boot state). + // "DISABLED" - Indicates that dm-verity is disabled on device. + VerityMode string `json:"verityMode,omitempty"` + + // ForceSendFields is a list of field names (e.g. "VerifiedBootState") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "VerifiedBootState") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *OsStartupEvent) MarshalJSON() ([]byte, error) { + type NoMethod OsStartupEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // PackageNameList: A list of package names. type PackageNameList struct { // PackageNames: A list of package names. @@ -4623,6 +5388,44 @@ func (s *ProxyInfo) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// RemoteLockEvent: The device or profile has been remotely locked via +// the LOCK command. +type RemoteLockEvent struct { + // AdminPackageName: Package name of the admin app requesting the + // change. + AdminPackageName string `json:"adminPackageName,omitempty"` + + // AdminUserId: User ID of the admin app from the which the change was + // requested. + AdminUserId int64 `json:"adminUserId,omitempty"` + + // TargetUserId: User ID in which the change was requested in. + TargetUserId int64 `json:"targetUserId,omitempty"` + + // ForceSendFields is a list of field names (e.g. "AdminPackageName") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "AdminPackageName") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *RemoteLockEvent) MarshalJSON() ([]byte, error) { + type NoMethod RemoteLockEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // SecurityPosture: The security posture of the device, as determined by // the current device state and the policies applied. type SecurityPosture struct { @@ -5216,13 +6019,13 @@ type UsageLog struct { // "LOG_TYPE_UNSPECIFIED" - This value is not used. // "SECURITY_LOGS" - Enable logging of on-device security events, like // when the device password is incorrectly entered or removable storage - // is mounted. See event for a complete description of the logged - // security events. Supported for fully managed devices on Android 7 and - // above. Supported for company-owned devices with a work profile on - // Android 12 and above, on which only security events from the work - // profile are logged. + // is mounted. See UsageLogEvent for a complete description of the + // logged security events. Supported for fully managed devices on + // Android 7 and above. Supported for company-owned devices with a work + // profile on Android 12 and above, on which only security events from + // the work profile are logged. // "NETWORK_ACTIVITY_LOGS" - Enable logging of on-device network - // events, like DNS lookups and TCP connections. See event for a + // events, like DNS lookups and TCP connections. See UsageLogEvent for a // complete description of the logged network events. Supported for // fully managed devices on Android 8 and above. Supported for // company-owned devices with a work profile on Android 12 and above, on @@ -5237,13 +6040,13 @@ type UsageLog struct { // "LOG_TYPE_UNSPECIFIED" - This value is not used. // "SECURITY_LOGS" - Enable logging of on-device security events, like // when the device password is incorrectly entered or removable storage - // is mounted. See event for a complete description of the logged - // security events. Supported for fully managed devices on Android 7 and - // above. Supported for company-owned devices with a work profile on - // Android 12 and above, on which only security events from the work - // profile are logged. + // is mounted. See UsageLogEvent for a complete description of the + // logged security events. Supported for fully managed devices on + // Android 7 and above. Supported for company-owned devices with a work + // profile on Android 12 and above, on which only security events from + // the work profile are logged. // "NETWORK_ACTIVITY_LOGS" - Enable logging of on-device network - // events, like DNS lookups and TCP connections. See event for a + // events, like DNS lookups and TCP connections. See UsageLogEvent for a // complete description of the logged network events. Supported for // fully managed devices on Android 8 and above. Supported for // company-owned devices with a work profile on Android 12 and above, on @@ -5274,6 +6077,201 @@ func (s *UsageLog) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// UsageLogEvent: An event logged on the device. +type UsageLogEvent struct { + // AdbShellCommandEvent: A shell command was issued over ADB via “adb + // shell command”. Part of SECURITY_LOGS. + AdbShellCommandEvent *AdbShellCommandEvent `json:"adbShellCommandEvent,omitempty"` + + // AdbShellInteractiveEvent: An ADB interactive shell was opened via + // “adb shell”. Part of SECURITY_LOGS. + AdbShellInteractiveEvent *AdbShellInteractiveEvent `json:"adbShellInteractiveEvent,omitempty"` + + // AppProcessStartEvent: An app process was started. Part of + // SECURITY_LOGS. + AppProcessStartEvent *AppProcessStartEvent `json:"appProcessStartEvent,omitempty"` + + // CertAuthorityInstalledEvent: A new root certificate was installed + // into the system's trusted credential storage. Part of SECURITY_LOGS. + CertAuthorityInstalledEvent *CertAuthorityInstalledEvent `json:"certAuthorityInstalledEvent,omitempty"` + + // CertAuthorityRemovedEvent: A root certificate was removed from the + // system's trusted credential storage. Part of SECURITY_LOGS. + CertAuthorityRemovedEvent *CertAuthorityRemovedEvent `json:"certAuthorityRemovedEvent,omitempty"` + + // CertValidationFailureEvent: An X.509v3 certificate failed to + // validate, currently this validation is performed on the Wi-FI access + // point and failure may be due to a mismatch upon server certificate + // validation. However it may in the future include other validation + // events of an X.509v3 certificate. Part of SECURITY_LOGS. + CertValidationFailureEvent *CertValidationFailureEvent `json:"certValidationFailureEvent,omitempty"` + + // ConnectEvent: A TCP connect event was initiated through the standard + // network stack. Part of NETWORK_LOGS. + ConnectEvent *ConnectEvent `json:"connectEvent,omitempty"` + + // CryptoSelfTestCompletedEvent: Validates whether Android’s built-in + // cryptographic library (BoringSSL) is valid. Should always succeed on + // device boot, if it fails, the device should be considered untrusted. + // Part of SECURITY_LOGS. + CryptoSelfTestCompletedEvent *CryptoSelfTestCompletedEvent `json:"cryptoSelfTestCompletedEvent,omitempty"` + + // DnsEvent: A DNS lookup event was initiated through the standard + // network stack. Part of NETWORK_LOGS. + DnsEvent *DnsEvent `json:"dnsEvent,omitempty"` + + // EventId: Unique id of the event. + EventId int64 `json:"eventId,omitempty,string"` + + // EventTime: Device timestamp when the event was logged. + EventTime string `json:"eventTime,omitempty"` + + // EventType: The particular usage log event type that was reported on + // the device. Use this to determine which event field to access. + // + // Possible values: + // "EVENT_TYPE_UNSPECIFIED" - This value is not used + // "ADB_SHELL_COMMAND" - Indicates adb_shell_command_event has been + // set. + // "ADB_SHELL_INTERACTIVE" - Indicates adb_shell_interactive_event has + // been set. + // "APP_PROCESS_START" - Indicates app_process_start_event has been + // set. + // "KEYGUARD_DISMISSED" - Indicates keyguard_dismissed_event has been + // set. + // "KEYGUARD_DISMISS_AUTH_ATTEMPT" - Indicates + // keyguard_dismiss_auth_attempt_event has been set. + // "KEYGUARD_SECURED" - Indicates keyguard_secured_event has been set. + // "FILE_PULLED" - Indicates file_pulled_event has been set. + // "FILE_PUSHED" - Indicates file_pushed_event has been set. + // "CERT_AUTHORITY_INSTALLED" - Indicates + // cert_authority_installed_event has been set. + // "CERT_AUTHORITY_REMOVED" - Indicates cert_authority_removed_event + // has been set. + // "CERT_VALIDATION_FAILURE" - Indicates cert_validation_failure_event + // has been set. + // "CRYPTO_SELF_TEST_COMPLETED" - Indicates + // crypto_self_test_completed_event has been set. + // "KEY_DESTRUCTION" - Indicates key_destruction_event has been set. + // "KEY_GENERATED" - Indicates key_generated_event has been set. + // "KEY_IMPORT" - Indicates key_import_event has been set. + // "KEY_INTEGRITY_VIOLATION" - Indicates key_integrity_violation_event + // has been set. + // "LOGGING_STARTED" - Indicates logging_started_event has been set. + // "LOGGING_STOPPED" - Indicates logging_stopped_event has been set. + // "LOG_BUFFER_SIZE_CRITICAL" - Indicates + // log_buffer_size_critical_event has been set. + // "MEDIA_MOUNT" - Indicates media_mount_event has been set. + // "MEDIA_UNMOUNT" - Indicates media_unmount_event has been set. + // "OS_SHUTDOWN" - Indicates os_shutdown_event has been set. + // "OS_STARTUP" - Indicates os_startup_event has been set. + // "REMOTE_LOCK" - Indicates remote_lock_event has been set. + // "WIPE_FAILURE" - Indicates wipe_failure_event has been set. + // "CONNECT" - Indicates connect_event has been set. + // "DNS" - Indicates dns_event has been set. + EventType string `json:"eventType,omitempty"` + + // FilePulledEvent: A file was downloaded from the device. Part of + // SECURITY_LOGS. + FilePulledEvent *FilePulledEvent `json:"filePulledEvent,omitempty"` + + // FilePushedEvent: A file was uploaded onto the device. Part of + // SECURITY_LOGS. + FilePushedEvent *FilePushedEvent `json:"filePushedEvent,omitempty"` + + // KeyDestructionEvent: A cryptographic key including user installed, + // admin installed and system maintained private key is removed from the + // device either by the user or management. Part of SECURITY_LOGS. + KeyDestructionEvent *KeyDestructionEvent `json:"keyDestructionEvent,omitempty"` + + // KeyGeneratedEvent: A cryptographic key including user installed, + // admin installed and system maintained private key is installed on the + // device either by the user or management. Part of SECURITY_LOGS. + KeyGeneratedEvent *KeyGeneratedEvent `json:"keyGeneratedEvent,omitempty"` + + // KeyImportEvent: A cryptographic key including user installed, admin + // installed and system maintained private key is imported on the device + // either by the user or management. Part of SECURITY_LOGS. + KeyImportEvent *KeyImportEvent `json:"keyImportEvent,omitempty"` + + // KeyIntegrityViolationEvent: A cryptographic key including user + // installed, admin installed and system maintained private key is + // determined to be corrupted due to storage corruption, hardware + // failure or some OS issue. Part of SECURITY_LOGS. + KeyIntegrityViolationEvent *KeyIntegrityViolationEvent `json:"keyIntegrityViolationEvent,omitempty"` + + // KeyguardDismissAuthAttemptEvent: An attempt was made to unlock the + // device. Part of SECURITY_LOGS. + KeyguardDismissAuthAttemptEvent *KeyguardDismissAuthAttemptEvent `json:"keyguardDismissAuthAttemptEvent,omitempty"` + + // KeyguardDismissedEvent: The keyguard was dismissed. Part of + // SECURITY_LOGS. + KeyguardDismissedEvent *KeyguardDismissedEvent `json:"keyguardDismissedEvent,omitempty"` + + // KeyguardSecuredEvent: The device was locked either by user or + // timeout. Part of SECURITY_LOGS. + KeyguardSecuredEvent *KeyguardSecuredEvent `json:"keyguardSecuredEvent,omitempty"` + + // LogBufferSizeCriticalEvent: The audit log buffer has reached 90% of + // its capacity, therefore older events may be dropped. Part of + // SECURITY_LOGS. + LogBufferSizeCriticalEvent *LogBufferSizeCriticalEvent `json:"logBufferSizeCriticalEvent,omitempty"` + + // LoggingStartedEvent: usageLog policy has been enabled. Part of + // SECURITY_LOGS. + LoggingStartedEvent *LoggingStartedEvent `json:"loggingStartedEvent,omitempty"` + + // LoggingStoppedEvent: usageLog policy has been disabled. Part of + // SECURITY_LOGS. + LoggingStoppedEvent *LoggingStoppedEvent `json:"loggingStoppedEvent,omitempty"` + + // MediaMountEvent: Removable media was mounted. Part of SECURITY_LOGS. + MediaMountEvent *MediaMountEvent `json:"mediaMountEvent,omitempty"` + + // MediaUnmountEvent: Removable media was unmounted. Part of + // SECURITY_LOGS. + MediaUnmountEvent *MediaUnmountEvent `json:"mediaUnmountEvent,omitempty"` + + // OsShutdownEvent: Device was shutdown. Part of SECURITY_LOGS. + OsShutdownEvent *OsShutdownEvent `json:"osShutdownEvent,omitempty"` + + // OsStartupEvent: Device was started. Part of SECURITY_LOGS. + OsStartupEvent *OsStartupEvent `json:"osStartupEvent,omitempty"` + + // RemoteLockEvent: The device or profile has been remotely locked via + // the LOCK command. Part of SECURITY_LOGS. + RemoteLockEvent *RemoteLockEvent `json:"remoteLockEvent,omitempty"` + + // WipeFailureEvent: The work profile or company-owned device failed to + // wipe when when requested. This could be user initiated or admin + // initiated e.g. delete was received. Part of SECURITY_LOGS. + WipeFailureEvent *WipeFailureEvent `json:"wipeFailureEvent,omitempty"` + + // ForceSendFields is a list of field names (e.g. + // "AdbShellCommandEvent") to unconditionally include in API requests. + // By default, fields with empty or default values are omitted from API + // requests. However, any non-pointer, non-interface field appearing in + // ForceSendFields will be sent to the server regardless of whether the + // field is empty or not. This may be used to include empty fields in + // Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "AdbShellCommandEvent") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *UsageLogEvent) MarshalJSON() ([]byte, error) { + type NoMethod UsageLogEvent + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // User: A user belonging to an enterprise. type User struct { // AccountIdentifier: A unique identifier you create for this user, such @@ -5558,6 +6556,12 @@ func (s *WipeAction) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// WipeFailureEvent: The work profile or company-owned device failed to +// wipe when when requested. This could be user initiated or admin +// initiated e.g. delete was received. Intentionally empty. +type WipeFailureEvent struct { +} + // method id "androidmanagement.enterprises.create": type EnterprisesCreateCall struct { diff --git a/api-list.json b/api-list.json index 75cdd0b02c4..2cdb7084075 100644 --- a/api-list.json +++ b/api-list.json @@ -571,6 +571,21 @@ "documentationLink": "https://developers.google.com/authorized-buyers/apis/marketplace/reference/rest/", "preferred": true }, + { + "kind": "discovery#directoryItem", + "id": "baremetalsolution:v1alpha1", + "name": "baremetalsolution", + "version": "v1alpha1", + "title": "Bare Metal Solution API", + "description": "Provides ways to manage Bare Metal Solution hardware installed in a regional extension located near a Google Cloud data center.", + "discoveryRestUrl": "https://baremetalsolution.googleapis.com/$discovery/rest?version=v1alpha1", + "icons": { + "x16": "https://www.gstatic.com/images/branding/product/1x/googleg_16dp.png", + "x32": "https://www.gstatic.com/images/branding/product/1x/googleg_32dp.png" + }, + "documentationLink": "https://cloud.google.com/bare-metal", + "preferred": false + }, { "kind": "discovery#directoryItem", "id": "baremetalsolution:v1", @@ -614,6 +629,21 @@ "x32": "https://www.gstatic.com/images/branding/product/1x/googleg_32dp.png" }, "documentationLink": "https://cloud.google.com/", + "preferred": false + }, + { + "kind": "discovery#directoryItem", + "id": "beyondcorp:v1", + "name": "beyondcorp", + "version": "v1", + "title": "BeyondCorp API", + "description": "Beyondcorp Enterprise provides identity and context aware access controls for enterprise resources and enables zero-trust access. Using the Beyondcorp Enterprise APIs, enterprises can set up multi-cloud and on-prem connectivity using the App Connector hybrid connectivity solution.", + "discoveryRestUrl": "https://beyondcorp.googleapis.com/$discovery/rest?version=v1", + "icons": { + "x16": "https://www.gstatic.com/images/branding/product/1x/googleg_16dp.png", + "x32": "https://www.gstatic.com/images/branding/product/1x/googleg_32dp.png" + }, + "documentationLink": "https://cloud.google.com/", "preferred": true }, { @@ -3642,7 +3672,7 @@ "name": "mybusinessbusinesscalls", "version": "v1", "title": "My Business Business Calls API", - "description": "The My Business Business Calls API manages business calls information of a location on Google.", + "description": "The My Business Business Calls API manages business calls information of a location on Google and collect insights like the number of missed calls to their location. Additional information about Business calls can be found at https://support.google.com/business/answer/9688285?p=call_history. If the Google Business Profile links to a Google Ads account and call history is turned on, calls that last longer than a specific time, and that can be attributed to an ad interaction, will show in the linked Google Ads account under the \"Calls from Ads\" conversion. If smart bidding and call conversions are used in the optimization strategy, there could be a change in ad spend. Learn more about smart bidding \u003chttps://support.google.com/google-ads/answer/7065882\u003e. To view and perform actions on a location's calls, you need to be a `OWNER`, `CO_OWNER` or `MANAGER` of the location.", "discoveryRestUrl": "https://mybusinessbusinesscalls.googleapis.com/$discovery/rest?version=v1", "icons": { "x16": "https://www.gstatic.com/images/branding/product/1x/googleg_16dp.png", diff --git a/cloudasset/v1/cloudasset-api.json b/cloudasset/v1/cloudasset-api.json index f04180ea174..339f6258a20 100644 --- a/cloudasset/v1/cloudasset-api.json +++ b/cloudasset/v1/cloudasset-api.json @@ -929,7 +929,7 @@ } } }, - "revision": "20220610", + "revision": "20220617", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AccessSelector": { @@ -2195,7 +2195,7 @@ "id": "GoogleIdentityAccesscontextmanagerV1EgressTo", "properties": { "externalResources": { - "description": "A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.", + "description": "A list of external resources that are allowed to be accessed. Only AWS and Azure resources are supported. For Amazon S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.", "items": { "type": "string" }, diff --git a/cloudasset/v1/cloudasset-gen.go b/cloudasset/v1/cloudasset-gen.go index a8514754031..af4c3b94723 100644 --- a/cloudasset/v1/cloudasset-gen.go +++ b/cloudasset/v1/cloudasset-gen.go @@ -2814,8 +2814,12 @@ func (s *GoogleIdentityAccesscontextmanagerV1EgressPolicy) MarshalJSON() ([]byte // fields in order to be allowed egress out of the perimeter. type GoogleIdentityAccesscontextmanagerV1EgressTo struct { // ExternalResources: A list of external resources that are allowed to - // be accessed. A request matches if it contains an external resource in - // this list (Example: s3://bucket/path). Currently '*' is not allowed. + // be accessed. Only AWS and Azure resources are supported. For Amazon + // S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the + // supported format is + // azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request + // matches if it contains an external resource in this list (Example: + // s3://bucket/path). Currently '*' is not allowed. ExternalResources []string `json:"externalResources,omitempty"` // Operations: A list of ApiOperations allowed to be performed by the diff --git a/cloudasset/v1beta1/cloudasset-api.json b/cloudasset/v1beta1/cloudasset-api.json index efe516206b7..9f9aedbee0d 100644 --- a/cloudasset/v1beta1/cloudasset-api.json +++ b/cloudasset/v1beta1/cloudasset-api.json @@ -411,7 +411,7 @@ } } }, - "revision": "20220528", + "revision": "20220617", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AnalyzeIamPolicyLongrunningMetadata": { @@ -1161,7 +1161,7 @@ "id": "GoogleIdentityAccesscontextmanagerV1EgressTo", "properties": { "externalResources": { - "description": "A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.", + "description": "A list of external resources that are allowed to be accessed. Only AWS and Azure resources are supported. For Amazon S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.", "items": { "type": "string" }, diff --git a/cloudasset/v1beta1/cloudasset-gen.go b/cloudasset/v1beta1/cloudasset-gen.go index 912d06f950b..1aa60598809 100644 --- a/cloudasset/v1beta1/cloudasset-gen.go +++ b/cloudasset/v1beta1/cloudasset-gen.go @@ -1719,8 +1719,12 @@ func (s *GoogleIdentityAccesscontextmanagerV1EgressPolicy) MarshalJSON() ([]byte // fields in order to be allowed egress out of the perimeter. type GoogleIdentityAccesscontextmanagerV1EgressTo struct { // ExternalResources: A list of external resources that are allowed to - // be accessed. A request matches if it contains an external resource in - // this list (Example: s3://bucket/path). Currently '*' is not allowed. + // be accessed. Only AWS and Azure resources are supported. For Amazon + // S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the + // supported format is + // azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request + // matches if it contains an external resource in this list (Example: + // s3://bucket/path). Currently '*' is not allowed. ExternalResources []string `json:"externalResources,omitempty"` // Operations: A list of ApiOperations allowed to be performed by the diff --git a/cloudasset/v1p1beta1/cloudasset-api.json b/cloudasset/v1p1beta1/cloudasset-api.json index 22490ba518b..299b2562e43 100644 --- a/cloudasset/v1p1beta1/cloudasset-api.json +++ b/cloudasset/v1p1beta1/cloudasset-api.json @@ -207,7 +207,7 @@ } } }, - "revision": "20220528", + "revision": "20220617", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AnalyzeIamPolicyLongrunningMetadata": { @@ -863,7 +863,7 @@ "id": "GoogleIdentityAccesscontextmanagerV1EgressTo", "properties": { "externalResources": { - "description": "A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.", + "description": "A list of external resources that are allowed to be accessed. Only AWS and Azure resources are supported. For Amazon S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.", "items": { "type": "string" }, diff --git a/cloudasset/v1p1beta1/cloudasset-gen.go b/cloudasset/v1p1beta1/cloudasset-gen.go index bc2a2564612..9c246a1c8ef 100644 --- a/cloudasset/v1p1beta1/cloudasset-gen.go +++ b/cloudasset/v1p1beta1/cloudasset-gen.go @@ -1501,8 +1501,12 @@ func (s *GoogleIdentityAccesscontextmanagerV1EgressPolicy) MarshalJSON() ([]byte // fields in order to be allowed egress out of the perimeter. type GoogleIdentityAccesscontextmanagerV1EgressTo struct { // ExternalResources: A list of external resources that are allowed to - // be accessed. A request matches if it contains an external resource in - // this list (Example: s3://bucket/path). Currently '*' is not allowed. + // be accessed. Only AWS and Azure resources are supported. For Amazon + // S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the + // supported format is + // azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request + // matches if it contains an external resource in this list (Example: + // s3://bucket/path). Currently '*' is not allowed. ExternalResources []string `json:"externalResources,omitempty"` // Operations: A list of ApiOperations allowed to be performed by the diff --git a/cloudasset/v1p5beta1/cloudasset-api.json b/cloudasset/v1p5beta1/cloudasset-api.json index 07a85f75b99..cd854e2d278 100644 --- a/cloudasset/v1p5beta1/cloudasset-api.json +++ b/cloudasset/v1p5beta1/cloudasset-api.json @@ -177,7 +177,7 @@ } } }, - "revision": "20220528", + "revision": "20220617", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AnalyzeIamPolicyLongrunningMetadata": { @@ -868,7 +868,7 @@ "id": "GoogleIdentityAccesscontextmanagerV1EgressTo", "properties": { "externalResources": { - "description": "A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.", + "description": "A list of external resources that are allowed to be accessed. Only AWS and Azure resources are supported. For Amazon S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.", "items": { "type": "string" }, diff --git a/cloudasset/v1p5beta1/cloudasset-gen.go b/cloudasset/v1p5beta1/cloudasset-gen.go index 8ec0525824b..aa01f5f288d 100644 --- a/cloudasset/v1p5beta1/cloudasset-gen.go +++ b/cloudasset/v1p5beta1/cloudasset-gen.go @@ -1542,8 +1542,12 @@ func (s *GoogleIdentityAccesscontextmanagerV1EgressPolicy) MarshalJSON() ([]byte // fields in order to be allowed egress out of the perimeter. type GoogleIdentityAccesscontextmanagerV1EgressTo struct { // ExternalResources: A list of external resources that are allowed to - // be accessed. A request matches if it contains an external resource in - // this list (Example: s3://bucket/path). Currently '*' is not allowed. + // be accessed. Only AWS and Azure resources are supported. For Amazon + // S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the + // supported format is + // azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request + // matches if it contains an external resource in this list (Example: + // s3://bucket/path). Currently '*' is not allowed. ExternalResources []string `json:"externalResources,omitempty"` // Operations: A list of ApiOperations allowed to be performed by the diff --git a/cloudasset/v1p7beta1/cloudasset-api.json b/cloudasset/v1p7beta1/cloudasset-api.json index 0a5d4c103b0..493ac95f4d1 100644 --- a/cloudasset/v1p7beta1/cloudasset-api.json +++ b/cloudasset/v1p7beta1/cloudasset-api.json @@ -167,7 +167,7 @@ } } }, - "revision": "20220528", + "revision": "20220617", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AnalyzeIamPolicyLongrunningMetadata": { @@ -937,7 +937,7 @@ "id": "GoogleIdentityAccesscontextmanagerV1EgressTo", "properties": { "externalResources": { - "description": "A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.", + "description": "A list of external resources that are allowed to be accessed. Only AWS and Azure resources are supported. For Amazon S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.", "items": { "type": "string" }, diff --git a/cloudasset/v1p7beta1/cloudasset-gen.go b/cloudasset/v1p7beta1/cloudasset-gen.go index 0f559631836..04e68c367ac 100644 --- a/cloudasset/v1p7beta1/cloudasset-gen.go +++ b/cloudasset/v1p7beta1/cloudasset-gen.go @@ -1753,8 +1753,12 @@ func (s *GoogleIdentityAccesscontextmanagerV1EgressPolicy) MarshalJSON() ([]byte // fields in order to be allowed egress out of the perimeter. type GoogleIdentityAccesscontextmanagerV1EgressTo struct { // ExternalResources: A list of external resources that are allowed to - // be accessed. A request matches if it contains an external resource in - // this list (Example: s3://bucket/path). Currently '*' is not allowed. + // be accessed. Only AWS and Azure resources are supported. For Amazon + // S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the + // supported format is + // azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request + // matches if it contains an external resource in this list (Example: + // s3://bucket/path). Currently '*' is not allowed. ExternalResources []string `json:"externalResources,omitempty"` // Operations: A list of ApiOperations allowed to be performed by the diff --git a/cloudsearch/v1/cloudsearch-api.json b/cloudsearch/v1/cloudsearch-api.json index 401dd53f4de..50e341e13a0 100644 --- a/cloudsearch/v1/cloudsearch-api.json +++ b/cloudsearch/v1/cloudsearch-api.json @@ -1994,7 +1994,7 @@ } } }, - "revision": "20220530", + "revision": "20220613", "rootUrl": "https://cloudsearch.googleapis.com/", "schemas": { "AclInfo": { @@ -4252,6 +4252,13 @@ }, "type": "array" }, + "phoneNumbers": { + "description": "The person's phone numbers", + "items": { + "$ref": "PhoneNumber" + }, + "type": "array" + }, "photos": { "description": "A person's read-only photo. A picture shown next to the person's name to help others recognize the person in search results.", "items": { @@ -4262,6 +4269,30 @@ }, "type": "object" }, + "PhoneNumber": { + "description": "A person's Phone Number", + "id": "PhoneNumber", + "properties": { + "phoneNumber": { + "description": "The phone number of the person.", + "type": "string" + }, + "type": { + "enum": [ + "OTHER", + "MOBILE", + "OFFICE" + ], + "enumDescriptions": [ + "", + "", + "" + ], + "type": "string" + } + }, + "type": "object" + }, "Photo": { "description": "A person's photo.", "id": "Photo", diff --git a/cloudsearch/v1/cloudsearch-gen.go b/cloudsearch/v1/cloudsearch-gen.go index a69eb2e1c69..a94be26fd1b 100644 --- a/cloudsearch/v1/cloudsearch-gen.go +++ b/cloudsearch/v1/cloudsearch-gen.go @@ -4632,6 +4632,9 @@ type Person struct { // PersonNames: The person's name PersonNames []*Name `json:"personNames,omitempty"` + // PhoneNumbers: The person's phone numbers + PhoneNumbers []*PhoneNumber `json:"phoneNumbers,omitempty"` + // Photos: A person's read-only photo. A picture shown next to the // person's name to help others recognize the person in search results. Photos []*Photo `json:"photos,omitempty"` @@ -4660,6 +4663,40 @@ func (s *Person) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// PhoneNumber: A person's Phone Number +type PhoneNumber struct { + // PhoneNumber: The phone number of the person. + PhoneNumber string `json:"phoneNumber,omitempty"` + + // Possible values: + // "OTHER" + // "MOBILE" + // "OFFICE" + Type string `json:"type,omitempty"` + + // ForceSendFields is a list of field names (e.g. "PhoneNumber") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "PhoneNumber") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *PhoneNumber) MarshalJSON() ([]byte, error) { + type NoMethod PhoneNumber + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // Photo: A person's photo. type Photo struct { // Url: The URL of the photo. diff --git a/gkehub/v1/gkehub-api.json b/gkehub/v1/gkehub-api.json index 167e0803618..7dd9705a6df 100644 --- a/gkehub/v1/gkehub-api.json +++ b/gkehub/v1/gkehub-api.json @@ -905,7 +905,7 @@ } } }, - "revision": "20220530", + "revision": "20220613", "rootUrl": "https://gkehub.googleapis.com/", "schemas": { "AnthosVMMembershipSpec": { @@ -2677,6 +2677,24 @@ "readOnly": true, "type": "boolean" }, + "clusterType": { + "description": "Immutable. The on prem cluster's type.", + "enum": [ + "CLUSTERTYPE_UNSPECIFIED", + "BOOTSTRAP", + "HYBRID", + "STANDALONE", + "USER" + ], + "enumDescriptions": [ + "The ClusterType is not set.", + "The ClusterType is bootstrap cluster.", + "The ClusterType is baremetal hybrid cluster.", + "The ClusterType is baremetal standalone cluster.", + "The ClusterType is user cluster." + ], + "type": "string" + }, "resourceLink": { "description": "Immutable. Self-link of the GCP resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster", "type": "string" diff --git a/gkehub/v1/gkehub-gen.go b/gkehub/v1/gkehub-gen.go index 30cd74528ed..295f0e7125a 100644 --- a/gkehub/v1/gkehub-gen.go +++ b/gkehub/v1/gkehub-gen.go @@ -3072,6 +3072,16 @@ type OnPremCluster struct { // On-Prem cluster no longer exists. ClusterMissing bool `json:"clusterMissing,omitempty"` + // ClusterType: Immutable. The on prem cluster's type. + // + // Possible values: + // "CLUSTERTYPE_UNSPECIFIED" - The ClusterType is not set. + // "BOOTSTRAP" - The ClusterType is bootstrap cluster. + // "HYBRID" - The ClusterType is baremetal hybrid cluster. + // "STANDALONE" - The ClusterType is baremetal standalone cluster. + // "USER" - The ClusterType is user cluster. + ClusterType string `json:"clusterType,omitempty"` + // ResourceLink: Immutable. Self-link of the GCP resource for the GKE // On-Prem cluster. For example: // //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vm diff --git a/gkehub/v1alpha/gkehub-api.json b/gkehub/v1alpha/gkehub-api.json index 2cddc3bcf67..8f08cc18b4a 100644 --- a/gkehub/v1alpha/gkehub-api.json +++ b/gkehub/v1alpha/gkehub-api.json @@ -1151,7 +1151,7 @@ } } }, - "revision": "20220603", + "revision": "20220613", "rootUrl": "https://gkehub.googleapis.com/", "schemas": { "AnthosObservabilityFeatureSpec": { @@ -3276,6 +3276,24 @@ "readOnly": true, "type": "boolean" }, + "clusterType": { + "description": "Immutable. The on prem cluster's type.", + "enum": [ + "CLUSTERTYPE_UNSPECIFIED", + "BOOTSTRAP", + "HYBRID", + "STANDALONE", + "USER" + ], + "enumDescriptions": [ + "The ClusterType is not set.", + "The ClusterType is bootstrap cluster.", + "The ClusterType is baremetal hybrid cluster.", + "The ClusterType is baremetal standalone cluster.", + "The ClusterType is user cluster." + ], + "type": "string" + }, "resourceLink": { "description": "Immutable. Self-link of the GCP resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster", "type": "string" diff --git a/gkehub/v1alpha/gkehub-gen.go b/gkehub/v1alpha/gkehub-gen.go index 0c6b2a057aa..ce856223fdd 100644 --- a/gkehub/v1alpha/gkehub-gen.go +++ b/gkehub/v1alpha/gkehub-gen.go @@ -3697,6 +3697,16 @@ type OnPremCluster struct { // On-Prem cluster no longer exists. ClusterMissing bool `json:"clusterMissing,omitempty"` + // ClusterType: Immutable. The on prem cluster's type. + // + // Possible values: + // "CLUSTERTYPE_UNSPECIFIED" - The ClusterType is not set. + // "BOOTSTRAP" - The ClusterType is bootstrap cluster. + // "HYBRID" - The ClusterType is baremetal hybrid cluster. + // "STANDALONE" - The ClusterType is baremetal standalone cluster. + // "USER" - The ClusterType is user cluster. + ClusterType string `json:"clusterType,omitempty"` + // ResourceLink: Immutable. Self-link of the GCP resource for the GKE // On-Prem cluster. For example: // //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vm diff --git a/gkehub/v1alpha2/gkehub-api.json b/gkehub/v1alpha2/gkehub-api.json index 1f9d8d94ceb..7d060f7574b 100644 --- a/gkehub/v1alpha2/gkehub-api.json +++ b/gkehub/v1alpha2/gkehub-api.json @@ -652,7 +652,7 @@ } } }, - "revision": "20220530", + "revision": "20220613", "rootUrl": "https://gkehub.googleapis.com/", "schemas": { "ApplianceCluster": { @@ -1245,6 +1245,24 @@ "readOnly": true, "type": "boolean" }, + "clusterType": { + "description": "Immutable. The on prem cluster's type.", + "enum": [ + "CLUSTERTYPE_UNSPECIFIED", + "BOOTSTRAP", + "HYBRID", + "STANDALONE", + "USER" + ], + "enumDescriptions": [ + "The ClusterType is not set.", + "The ClusterType is bootstrap cluster.", + "The ClusterType is baremetal hybrid cluster.", + "The ClusterType is baremetal standalone cluster.", + "The ClusterType is user cluster." + ], + "type": "string" + }, "resourceLink": { "description": "Immutable. Self-link of the GCP resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster", "type": "string" diff --git a/gkehub/v1alpha2/gkehub-gen.go b/gkehub/v1alpha2/gkehub-gen.go index d7c465193e1..4e800b2c957 100644 --- a/gkehub/v1alpha2/gkehub-gen.go +++ b/gkehub/v1alpha2/gkehub-gen.go @@ -1299,6 +1299,16 @@ type OnPremCluster struct { // On-Prem cluster no longer exists. ClusterMissing bool `json:"clusterMissing,omitempty"` + // ClusterType: Immutable. The on prem cluster's type. + // + // Possible values: + // "CLUSTERTYPE_UNSPECIFIED" - The ClusterType is not set. + // "BOOTSTRAP" - The ClusterType is bootstrap cluster. + // "HYBRID" - The ClusterType is baremetal hybrid cluster. + // "STANDALONE" - The ClusterType is baremetal standalone cluster. + // "USER" - The ClusterType is user cluster. + ClusterType string `json:"clusterType,omitempty"` + // ResourceLink: Immutable. Self-link of the GCP resource for the GKE // On-Prem cluster. For example: // //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vm diff --git a/gkehub/v1beta1/gkehub-api.json b/gkehub/v1beta1/gkehub-api.json index bf790618685..74fd4010e6f 100644 --- a/gkehub/v1beta1/gkehub-api.json +++ b/gkehub/v1beta1/gkehub-api.json @@ -706,7 +706,7 @@ } } }, - "revision": "20220530", + "revision": "20220613", "rootUrl": "https://gkehub.googleapis.com/", "schemas": { "ApplianceCluster": { @@ -1301,6 +1301,24 @@ "readOnly": true, "type": "boolean" }, + "clusterType": { + "description": "Immutable. The on prem cluster's type.", + "enum": [ + "CLUSTERTYPE_UNSPECIFIED", + "BOOTSTRAP", + "HYBRID", + "STANDALONE", + "USER" + ], + "enumDescriptions": [ + "The ClusterType is not set.", + "The ClusterType is bootstrap cluster.", + "The ClusterType is baremetal hybrid cluster.", + "The ClusterType is baremetal standalone cluster.", + "The ClusterType is user cluster." + ], + "type": "string" + }, "resourceLink": { "description": "Immutable. Self-link of the GCP resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster", "type": "string" diff --git a/gkehub/v1beta1/gkehub-gen.go b/gkehub/v1beta1/gkehub-gen.go index 5cb6837abe4..515b142a024 100644 --- a/gkehub/v1beta1/gkehub-gen.go +++ b/gkehub/v1beta1/gkehub-gen.go @@ -1274,6 +1274,16 @@ type OnPremCluster struct { // On-Prem cluster no longer exists. ClusterMissing bool `json:"clusterMissing,omitempty"` + // ClusterType: Immutable. The on prem cluster's type. + // + // Possible values: + // "CLUSTERTYPE_UNSPECIFIED" - The ClusterType is not set. + // "BOOTSTRAP" - The ClusterType is bootstrap cluster. + // "HYBRID" - The ClusterType is baremetal hybrid cluster. + // "STANDALONE" - The ClusterType is baremetal standalone cluster. + // "USER" - The ClusterType is user cluster. + ClusterType string `json:"clusterType,omitempty"` + // ResourceLink: Immutable. Self-link of the GCP resource for the GKE // On-Prem cluster. For example: // //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vm diff --git a/metastore/v1alpha/metastore-api.json b/metastore/v1alpha/metastore-api.json index 4d2eb2acd0a..b380c73a74d 100644 --- a/metastore/v1alpha/metastore-api.json +++ b/metastore/v1alpha/metastore-api.json @@ -179,6 +179,99 @@ "resources": { "federations": { "methods": { + "create": { + "description": "Creates a metastore federation in a project and location.", + "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations", + "httpMethod": "POST", + "id": "metastore.projects.locations.federations.create", + "parameterOrder": [ + "parent" + ], + "parameters": { + "federationId": { + "description": "Required. The ID of the metastore federation, which is used as the final component of the metastore federation's name.This value must be between 2 and 63 characters long inclusive, begin with a letter, end with a letter or number, and consist of alpha-numeric ASCII characters or hyphens.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The relative resource name of the location in which to create a federation service, in the following form:projects/{project_number}/locations/{location_id}.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. A request ID. Specify a unique request ID to allow the server to ignore the request if it has completed. The server will ignore subsequent requests that provide a duplicate request ID for at least 60 minutes after the first request.For example, if an initial request times out, followed by another request with the same request ID, the server ignores the second request to prevent the creation of duplicate commitments.The request ID must be a valid UUID (https://en.wikipedia.org/wiki/Universally_unique_identifier#Format) A zero UUID (00000000-0000-0000-0000-000000000000) is not supported.", + "location": "query", + "type": "string" + } + }, + "path": "v1alpha/{+parent}/federations", + "request": { + "$ref": "Federation" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "delete": { + "description": "Deletes a single federation.", + "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations/{federationsId}", + "httpMethod": "DELETE", + "id": "metastore.projects.locations.federations.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The relative resource name of the metastore federation to delete, in the following form:projects/{project_number}/locations/{location_id}/federations/{federation_id}.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/federations/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. A request ID. Specify a unique request ID to allow the server to ignore the request if it has completed. The server will ignore subsequent requests that provide a duplicate request ID for at least 60 minutes after the first request.For example, if an initial request times out, followed by another request with the same request ID, the server ignores the second request to prevent the creation of duplicate commitments.The request ID must be a valid UUID (https://en.wikipedia.org/wiki/Universally_unique_identifier#Format) A zero UUID (00000000-0000-0000-0000-000000000000) is not supported.", + "location": "query", + "type": "string" + } + }, + "path": "v1alpha/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "get": { + "description": "Gets the details of a single federation.", + "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations/{federationsId}", + "httpMethod": "GET", + "id": "metastore.projects.locations.federations.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The relative resource name of the metastore federation to retrieve, in the following form:projects/{project_number}/locations/{location_id}/federations/{federation_id}.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/federations/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1alpha/{+name}", + "response": { + "$ref": "Federation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, "getIamPolicy": { "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations/{federationsId}:getIamPolicy", @@ -210,6 +303,91 @@ "https://www.googleapis.com/auth/cloud-platform" ] }, + "list": { + "description": "Lists federations in a project and location.", + "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations", + "httpMethod": "GET", + "id": "metastore.projects.locations.federations.list", + "parameterOrder": [ + "parent" + ], + "parameters": { + "filter": { + "description": "Optional. The filter to apply to list results.", + "location": "query", + "type": "string" + }, + "orderBy": { + "description": "Optional. Specify the ordering of results as described in Sorting Order (https://cloud.google.com/apis/design/design_patterns#sorting_order). If not specified, the results will be sorted in the default order.", + "location": "query", + "type": "string" + }, + "pageSize": { + "description": "Optional. The maximum number of federations to return. The response may contain less than the maximum number. If unspecified, no more than 500 services are returned. The maximum value is 1000; values above 1000 are changed to 1000.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. A page token, received from a previous ListFederationServices call. Provide this token to retrieve the subsequent page.To retrieve the first page, supply an empty page token.When paginating, other parameters provided to ListFederationServices must match the call that provided the page token.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The relative resource name of the location of metastore federations to list, in the following form: projects/{project_number}/locations/{location_id}.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1alpha/{+parent}/federations", + "response": { + "$ref": "ListFederationsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "patch": { + "description": "Updates the fields of a federation.", + "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations/{federationsId}", + "httpMethod": "PATCH", + "id": "metastore.projects.locations.federations.patch", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Immutable. The relative resource name of the federation, of the form: projects/{project_number}/locations/{location_id}/federations/{federation_id}`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/federations/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. A request ID. Specify a unique request ID to allow the server to ignore the request if it has completed. The server will ignore subsequent requests that provide a duplicate request ID for at least 60 minutes after the first request.For example, if an initial request times out, followed by another request with the same request ID, the server ignores the second request to prevent the creation of duplicate commitments.The request ID must be a valid UUID (https://en.wikipedia.org/wiki/Universally_unique_identifier#Format) A zero UUID (00000000-0000-0000-0000-000000000000) is not supported.", + "location": "query", + "type": "string" + }, + "updateMask": { + "description": "Required. A field mask used to specify the fields to be overwritten in the metastore federation resource by the update. Fields specified in the update_mask are relative to the resource (not to the full request). A field is overwritten if it is in the mask.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + } + }, + "path": "v1alpha/{+name}", + "request": { + "$ref": "Federation" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, "setIamPolicy": { "description": "Sets the access control policy on the specified resource. Replaces any existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED errors.", "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations/{federationsId}:setIamPolicy", @@ -1289,7 +1467,7 @@ } } }, - "revision": "20220512", + "revision": "20220615", "rootUrl": "https://metastore.googleapis.com/", "schemas": { "AuditConfig": { @@ -1363,6 +1541,29 @@ }, "type": "object" }, + "BackendMetastore": { + "description": "Represents a backend metastore for the federation.", + "id": "BackendMetastore", + "properties": { + "metastoreType": { + "description": "The type of the backend metastore.", + "enum": [ + "METASTORE_TYPE_UNSPECIFIED", + "DATAPROC_METASTORE" + ], + "enumDescriptions": [ + "The metastore type is not set.", + "The backend metastore is Dataproc Metastore." + ], + "type": "string" + }, + "name": { + "description": "The relative resource name of the metastore that is being federated. The formats of the relative resource names for the currently supported metastores are listed below: Dataplex: projects/{project_id}/locations/{location}/lakes/{lake_id} BigQuery: projects/{project_id} Dataproc Metastore: projects/{project_id}/locations/{location}/services/{service_id}", + "type": "string" + } + }, + "type": "object" + }, "Backup": { "description": "The details of a backup resource.", "id": "Backup", @@ -1597,6 +1798,83 @@ }, "type": "object" }, + "Federation": { + "description": "Represents a federation of multiple backend metastores.", + "id": "Federation", + "properties": { + "backendMetastores": { + "additionalProperties": { + "$ref": "BackendMetastore" + }, + "description": "A map from BackendMetastore rank to BackendMetastores from which the federation service serves metadata at query time. The map key is an integer that represents the order in which BackendMetastores should be evaluated to resolve database names at query time. A BackendMetastore with a lower number will be evaluated before a BackendMetastore with a higher number.", + "type": "object" + }, + "createTime": { + "description": "Output only. The time when the metastore federation was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "endpointUri": { + "description": "Output only. The federation endpoint.", + "readOnly": true, + "type": "string" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "User-defined labels for the metastore federation.", + "type": "object" + }, + "name": { + "description": "Immutable. The relative resource name of the federation, of the form: projects/{project_number}/locations/{location_id}/federations/{federation_id}`.", + "type": "string" + }, + "state": { + "description": "Output only. The current state of the federation.", + "enum": [ + "STATE_UNSPECIFIED", + "CREATING", + "ACTIVE", + "UPDATING", + "DELETING", + "ERROR" + ], + "enumDescriptions": [ + "The state of the metastore federation is unknown.", + "The metastore federation is in the process of being created.", + "The metastore federation is running and ready to serve queries.", + "The metastore federation is being updated. It remains usable but cannot accept additional update requests or be deleted at this time.", + "The metastore federation is undergoing deletion. It cannot be used.", + "The metastore federation has encountered an error and cannot be used. The metastore federation should be deleted." + ], + "readOnly": true, + "type": "string" + }, + "stateMessage": { + "description": "Output only. Additional information about the current state of the metastore federation, if available.", + "readOnly": true, + "type": "string" + }, + "uid": { + "description": "Output only. The globally unique resource identifier of the metastore federation.", + "readOnly": true, + "type": "string" + }, + "updateTime": { + "description": "Output only. The time when the metastore federation was last updated.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "version": { + "description": "Immutable. The Apache Hive metastore version of the federation. All backend metastore versions must be compatible with the federation version.", + "type": "string" + } + }, + "type": "object" + }, "HiveMetastoreConfig": { "description": "Specifies configuration information specific to running Hive metastore software as the metastore service.", "id": "HiveMetastoreConfig", @@ -1710,6 +1988,31 @@ }, "type": "object" }, + "ListFederationsResponse": { + "description": "Response message for ListFederations", + "id": "ListFederationsResponse", + "properties": { + "federations": { + "description": "The services in the specified location.", + "items": { + "$ref": "Federation" + }, + "type": "array" + }, + "nextPageToken": { + "description": "A token that can be sent as page_token to retrieve the next page. If this field is omitted, there are no subsequent pages.", + "type": "string" + }, + "unreachable": { + "description": "Locations that could not be reached.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "ListLocationsResponse": { "description": "The response message for Locations.ListLocations.", "id": "ListLocationsResponse", diff --git a/metastore/v1alpha/metastore-gen.go b/metastore/v1alpha/metastore-gen.go index f68278220cb..9ccb6be06e5 100644 --- a/metastore/v1alpha/metastore-gen.go +++ b/metastore/v1alpha/metastore-gen.go @@ -382,6 +382,46 @@ func (s *AuxiliaryVersionConfig) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// BackendMetastore: Represents a backend metastore for the federation. +type BackendMetastore struct { + // MetastoreType: The type of the backend metastore. + // + // Possible values: + // "METASTORE_TYPE_UNSPECIFIED" - The metastore type is not set. + // "DATAPROC_METASTORE" - The backend metastore is Dataproc Metastore. + MetastoreType string `json:"metastoreType,omitempty"` + + // Name: The relative resource name of the metastore that is being + // federated. The formats of the relative resource names for the + // currently supported metastores are listed below: Dataplex: + // projects/{project_id}/locations/{location}/lakes/{lake_id} BigQuery: + // projects/{project_id} Dataproc Metastore: + // projects/{project_id}/locations/{location}/services/{service_id} + Name string `json:"name,omitempty"` + + // ForceSendFields is a list of field names (e.g. "MetastoreType") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "MetastoreType") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *BackendMetastore) MarshalJSON() ([]byte, error) { + type NoMethod BackendMetastore + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // Backup: The details of a backup resource. type Backup struct { // CreateTime: Output only. The time when the backup was started. @@ -824,6 +864,95 @@ func (s *Expr) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// Federation: Represents a federation of multiple backend metastores. +type Federation struct { + // BackendMetastores: A map from BackendMetastore rank to + // BackendMetastores from which the federation service serves metadata + // at query time. The map key is an integer that represents the order in + // which BackendMetastores should be evaluated to resolve database names + // at query time. A BackendMetastore with a lower number will be + // evaluated before a BackendMetastore with a higher number. + BackendMetastores map[string]BackendMetastore `json:"backendMetastores,omitempty"` + + // CreateTime: Output only. The time when the metastore federation was + // created. + CreateTime string `json:"createTime,omitempty"` + + // EndpointUri: Output only. The federation endpoint. + EndpointUri string `json:"endpointUri,omitempty"` + + // Labels: User-defined labels for the metastore federation. + Labels map[string]string `json:"labels,omitempty"` + + // Name: Immutable. The relative resource name of the federation, of the + // form: + // projects/{project_number}/locations/{location_id}/federations/{federat + // ion_id}`. + Name string `json:"name,omitempty"` + + // State: Output only. The current state of the federation. + // + // Possible values: + // "STATE_UNSPECIFIED" - The state of the metastore federation is + // unknown. + // "CREATING" - The metastore federation is in the process of being + // created. + // "ACTIVE" - The metastore federation is running and ready to serve + // queries. + // "UPDATING" - The metastore federation is being updated. It remains + // usable but cannot accept additional update requests or be deleted at + // this time. + // "DELETING" - The metastore federation is undergoing deletion. It + // cannot be used. + // "ERROR" - The metastore federation has encountered an error and + // cannot be used. The metastore federation should be deleted. + State string `json:"state,omitempty"` + + // StateMessage: Output only. Additional information about the current + // state of the metastore federation, if available. + StateMessage string `json:"stateMessage,omitempty"` + + // Uid: Output only. The globally unique resource identifier of the + // metastore federation. + Uid string `json:"uid,omitempty"` + + // UpdateTime: Output only. The time when the metastore federation was + // last updated. + UpdateTime string `json:"updateTime,omitempty"` + + // Version: Immutable. The Apache Hive metastore version of the + // federation. All backend metastore versions must be compatible with + // the federation version. + Version string `json:"version,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "BackendMetastores") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "BackendMetastores") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *Federation) MarshalJSON() ([]byte, error) { + type NoMethod Federation + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // HiveMetastoreConfig: Specifies configuration information specific to // running Hive metastore software as the metastore service. type HiveMetastoreConfig struct { @@ -1034,6 +1163,45 @@ func (s *ListBackupsResponse) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// ListFederationsResponse: Response message for ListFederations +type ListFederationsResponse struct { + // Federations: The services in the specified location. + Federations []*Federation `json:"federations,omitempty"` + + // NextPageToken: A token that can be sent as page_token to retrieve the + // next page. If this field is omitted, there are no subsequent pages. + NextPageToken string `json:"nextPageToken,omitempty"` + + // Unreachable: Locations that could not be reached. + Unreachable []string `json:"unreachable,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "Federations") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Federations") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *ListFederationsResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListFederationsResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // ListLocationsResponse: The response message for // Locations.ListLocations. type ListLocationsResponse struct { @@ -2590,118 +2758,116 @@ func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocat } } -// method id "metastore.projects.locations.federations.getIamPolicy": +// method id "metastore.projects.locations.federations.create": -type ProjectsLocationsFederationsGetIamPolicyCall struct { - s *APIService - resource string - urlParams_ gensupport.URLParams - ifNoneMatch_ string - ctx_ context.Context - header_ http.Header +type ProjectsLocationsFederationsCreateCall struct { + s *APIService + parent string + federation *Federation + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header } -// GetIamPolicy: Gets the access control policy for a resource. Returns -// an empty policy if the resource exists and does not have a policy -// set. +// Create: Creates a metastore federation in a project and location. // -// - resource: REQUIRED: The resource for which the policy is being -// requested. See Resource names -// (https://cloud.google.com/apis/design/resource_names) for the -// appropriate value for this field. -func (r *ProjectsLocationsFederationsService) GetIamPolicy(resource string) *ProjectsLocationsFederationsGetIamPolicyCall { - c := &ProjectsLocationsFederationsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.resource = resource +// - parent: The relative resource name of the location in which to +// create a federation service, in the following +// form:projects/{project_number}/locations/{location_id}. +func (r *ProjectsLocationsFederationsService) Create(parent string, federation *Federation) *ProjectsLocationsFederationsCreateCall { + c := &ProjectsLocationsFederationsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent + c.federation = federation return c } -// OptionsRequestedPolicyVersion sets the optional parameter -// "options.requestedPolicyVersion": The maximum policy version that -// will be used to format the policy.Valid values are 0, 1, and 3. -// Requests specifying an invalid value will be rejected.Requests for -// policies with any conditional role bindings must specify version 3. -// Policies with no conditional role bindings may specify any valid -// value or leave the field unset.The policy in the response might use -// the policy version that you specified, or it might use a lower policy -// version. For example, if you specify version 3, but the policy has no -// conditional role bindings, the response uses version 1.To learn which -// resources support conditions in their IAM policies, see the IAM -// documentation -// (https://cloud.google.com/iam/help/conditions/resource-policies). -func (c *ProjectsLocationsFederationsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsLocationsFederationsGetIamPolicyCall { - c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) +// FederationId sets the optional parameter "federationId": Required. +// The ID of the metastore federation, which is used as the final +// component of the metastore federation's name.This value must be +// between 2 and 63 characters long inclusive, begin with a letter, end +// with a letter or number, and consist of alpha-numeric ASCII +// characters or hyphens. +func (c *ProjectsLocationsFederationsCreateCall) FederationId(federationId string) *ProjectsLocationsFederationsCreateCall { + c.urlParams_.Set("federationId", federationId) + return c +} + +// RequestId sets the optional parameter "requestId": A request ID. +// Specify a unique request ID to allow the server to ignore the request +// if it has completed. The server will ignore subsequent requests that +// provide a duplicate request ID for at least 60 minutes after the +// first request.For example, if an initial request times out, followed +// by another request with the same request ID, the server ignores the +// second request to prevent the creation of duplicate commitments.The +// request ID must be a valid UUID +// (https://en.wikipedia.org/wiki/Universally_unique_identifier#Format) +// A zero UUID (00000000-0000-0000-0000-000000000000) is not supported. +func (c *ProjectsLocationsFederationsCreateCall) RequestId(requestId string) *ProjectsLocationsFederationsCreateCall { + c.urlParams_.Set("requestId", requestId) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse // for more information. -func (c *ProjectsLocationsFederationsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsFederationsGetIamPolicyCall { +func (c *ProjectsLocationsFederationsCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsFederationsCreateCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } -// IfNoneMatch sets the optional parameter which makes the operation -// fail if the object's ETag matches the given value. This is useful for -// getting updates only after the object has changed since the last -// request. Use googleapi.IsNotModified to check whether the response -// error from Do is the result of In-None-Match. -func (c *ProjectsLocationsFederationsGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsLocationsFederationsGetIamPolicyCall { - c.ifNoneMatch_ = entityTag - return c -} - // Context sets the context to be used in this call's Do method. Any // pending HTTP request will be aborted if the provided context is // canceled. -func (c *ProjectsLocationsFederationsGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsFederationsGetIamPolicyCall { +func (c *ProjectsLocationsFederationsCreateCall) Context(ctx context.Context) *ProjectsLocationsFederationsCreateCall { c.ctx_ = ctx return c } // Header returns an http.Header that can be modified by the caller to // add HTTP headers to the request. -func (c *ProjectsLocationsFederationsGetIamPolicyCall) Header() http.Header { +func (c *ProjectsLocationsFederationsCreateCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *ProjectsLocationsFederationsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { +func (c *ProjectsLocationsFederationsCreateCall) doRequest(alt string) (*http.Response, error) { reqHeaders := make(http.Header) reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) for k, v := range c.header_ { reqHeaders[k] = v } reqHeaders.Set("User-Agent", c.s.userAgent()) - if c.ifNoneMatch_ != "" { - reqHeaders.Set("If-None-Match", c.ifNoneMatch_) - } var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.federation) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha/{+resource}:getIamPolicy") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha/{+parent}/federations") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("GET", urls, body) + req, err := http.NewRequest("POST", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "resource": c.resource, + "parent": c.parent, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "metastore.projects.locations.federations.getIamPolicy" call. -// Exactly one of *Policy or error will be non-nil. Any non-2xx status -// code is an error. Response headers are in either -// *Policy.ServerResponse.Header or (if a response was returned at all) -// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to -// check whether the returned error was because http.StatusNotModified -// was returned. -func (c *ProjectsLocationsFederationsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { +// Do executes the "metastore.projects.locations.federations.create" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsLocationsFederationsCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -2720,7 +2886,7 @@ func (c *ProjectsLocationsFederationsGetIamPolicyCall) Do(opts ...googleapi.Call if err := googleapi.CheckResponse(res); err != nil { return nil, err } - ret := &Policy{ + ret := &Operation{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -2732,31 +2898,925 @@ func (c *ProjectsLocationsFederationsGetIamPolicyCall) Do(opts ...googleapi.Call } return ret, nil // { - // "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", - // "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations/{federationsId}:getIamPolicy", - // "httpMethod": "GET", - // "id": "metastore.projects.locations.federations.getIamPolicy", + // "description": "Creates a metastore federation in a project and location.", + // "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations", + // "httpMethod": "POST", + // "id": "metastore.projects.locations.federations.create", // "parameterOrder": [ - // "resource" + // "parent" // ], // "parameters": { - // "options.requestedPolicyVersion": { - // "description": "Optional. The maximum policy version that will be used to format the policy.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset.The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).", - // "format": "int32", + // "federationId": { + // "description": "Required. The ID of the metastore federation, which is used as the final component of the metastore federation's name.This value must be between 2 and 63 characters long inclusive, begin with a letter, end with a letter or number, and consist of alpha-numeric ASCII characters or hyphens.", // "location": "query", - // "type": "integer" + // "type": "string" // }, - // "resource": { - // "description": "REQUIRED: The resource for which the policy is being requested. See Resource names (https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "parent": { + // "description": "Required. The relative resource name of the location in which to create a federation service, in the following form:projects/{project_number}/locations/{location_id}.", // "location": "path", - // "pattern": "^projects/[^/]+/locations/[^/]+/federations/[^/]+$", + // "pattern": "^projects/[^/]+/locations/[^/]+$", // "required": true, // "type": "string" + // }, + // "requestId": { + // "description": "Optional. A request ID. Specify a unique request ID to allow the server to ignore the request if it has completed. The server will ignore subsequent requests that provide a duplicate request ID for at least 60 minutes after the first request.For example, if an initial request times out, followed by another request with the same request ID, the server ignores the second request to prevent the creation of duplicate commitments.The request ID must be a valid UUID (https://en.wikipedia.org/wiki/Universally_unique_identifier#Format) A zero UUID (00000000-0000-0000-0000-000000000000) is not supported.", + // "location": "query", + // "type": "string" // } // }, - // "path": "v1alpha/{+resource}:getIamPolicy", + // "path": "v1alpha/{+parent}/federations", + // "request": { + // "$ref": "Federation" + // }, // "response": { - // "$ref": "Policy" + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "metastore.projects.locations.federations.delete": + +type ProjectsLocationsFederationsDeleteCall struct { + s *APIService + name string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Deletes a single federation. +// +// - name: The relative resource name of the metastore federation to +// delete, in the following +// form:projects/{project_number}/locations/{location_id}/federations/{ +// federation_id}. +func (r *ProjectsLocationsFederationsService) Delete(name string) *ProjectsLocationsFederationsDeleteCall { + c := &ProjectsLocationsFederationsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// RequestId sets the optional parameter "requestId": A request ID. +// Specify a unique request ID to allow the server to ignore the request +// if it has completed. The server will ignore subsequent requests that +// provide a duplicate request ID for at least 60 minutes after the +// first request.For example, if an initial request times out, followed +// by another request with the same request ID, the server ignores the +// second request to prevent the creation of duplicate commitments.The +// request ID must be a valid UUID +// (https://en.wikipedia.org/wiki/Universally_unique_identifier#Format) +// A zero UUID (00000000-0000-0000-0000-000000000000) is not supported. +func (c *ProjectsLocationsFederationsDeleteCall) RequestId(requestId string) *ProjectsLocationsFederationsDeleteCall { + c.urlParams_.Set("requestId", requestId) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsLocationsFederationsDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsFederationsDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsLocationsFederationsDeleteCall) Context(ctx context.Context) *ProjectsLocationsFederationsDeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsLocationsFederationsDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsFederationsDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "metastore.projects.locations.federations.delete" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsLocationsFederationsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, &googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + } + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, err + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Deletes a single federation.", + // "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations/{federationsId}", + // "httpMethod": "DELETE", + // "id": "metastore.projects.locations.federations.delete", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The relative resource name of the metastore federation to delete, in the following form:projects/{project_number}/locations/{location_id}/federations/{federation_id}.", + // "location": "path", + // "pattern": "^projects/[^/]+/locations/[^/]+/federations/[^/]+$", + // "required": true, + // "type": "string" + // }, + // "requestId": { + // "description": "Optional. A request ID. Specify a unique request ID to allow the server to ignore the request if it has completed. The server will ignore subsequent requests that provide a duplicate request ID for at least 60 minutes after the first request.For example, if an initial request times out, followed by another request with the same request ID, the server ignores the second request to prevent the creation of duplicate commitments.The request ID must be a valid UUID (https://en.wikipedia.org/wiki/Universally_unique_identifier#Format) A zero UUID (00000000-0000-0000-0000-000000000000) is not supported.", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v1alpha/{+name}", + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "metastore.projects.locations.federations.get": + +type ProjectsLocationsFederationsGetCall struct { + s *APIService + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: Gets the details of a single federation. +// +// - name: The relative resource name of the metastore federation to +// retrieve, in the following +// form:projects/{project_number}/locations/{location_id}/federations/{ +// federation_id}. +func (r *ProjectsLocationsFederationsService) Get(name string) *ProjectsLocationsFederationsGetCall { + c := &ProjectsLocationsFederationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsLocationsFederationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsFederationsGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *ProjectsLocationsFederationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsFederationsGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsLocationsFederationsGetCall) Context(ctx context.Context) *ProjectsLocationsFederationsGetCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsLocationsFederationsGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsFederationsGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "metastore.projects.locations.federations.get" call. +// Exactly one of *Federation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Federation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsLocationsFederationsGetCall) Do(opts ...googleapi.CallOption) (*Federation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, &googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + } + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, err + } + ret := &Federation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Gets the details of a single federation.", + // "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations/{federationsId}", + // "httpMethod": "GET", + // "id": "metastore.projects.locations.federations.get", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The relative resource name of the metastore federation to retrieve, in the following form:projects/{project_number}/locations/{location_id}/federations/{federation_id}.", + // "location": "path", + // "pattern": "^projects/[^/]+/locations/[^/]+/federations/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1alpha/{+name}", + // "response": { + // "$ref": "Federation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "metastore.projects.locations.federations.getIamPolicy": + +type ProjectsLocationsFederationsGetIamPolicyCall struct { + s *APIService + resource string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// GetIamPolicy: Gets the access control policy for a resource. Returns +// an empty policy if the resource exists and does not have a policy +// set. +// +// - resource: REQUIRED: The resource for which the policy is being +// requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *ProjectsLocationsFederationsService) GetIamPolicy(resource string) *ProjectsLocationsFederationsGetIamPolicyCall { + c := &ProjectsLocationsFederationsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + return c +} + +// OptionsRequestedPolicyVersion sets the optional parameter +// "options.requestedPolicyVersion": The maximum policy version that +// will be used to format the policy.Valid values are 0, 1, and 3. +// Requests specifying an invalid value will be rejected.Requests for +// policies with any conditional role bindings must specify version 3. +// Policies with no conditional role bindings may specify any valid +// value or leave the field unset.The policy in the response might use +// the policy version that you specified, or it might use a lower policy +// version. For example, if you specify version 3, but the policy has no +// conditional role bindings, the response uses version 1.To learn which +// resources support conditions in their IAM policies, see the IAM +// documentation +// (https://cloud.google.com/iam/help/conditions/resource-policies). +func (c *ProjectsLocationsFederationsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsLocationsFederationsGetIamPolicyCall { + c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsLocationsFederationsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsFederationsGetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *ProjectsLocationsFederationsGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsLocationsFederationsGetIamPolicyCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsLocationsFederationsGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsFederationsGetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsLocationsFederationsGetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsFederationsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha/{+resource}:getIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "metastore.projects.locations.federations.getIamPolicy" call. +// Exactly one of *Policy or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *ProjectsLocationsFederationsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, &googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + } + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, err + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", + // "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations/{federationsId}:getIamPolicy", + // "httpMethod": "GET", + // "id": "metastore.projects.locations.federations.getIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "options.requestedPolicyVersion": { + // "description": "Optional. The maximum policy version that will be used to format the policy.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset.The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being requested. See Resource names (https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^projects/[^/]+/locations/[^/]+/federations/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1alpha/{+resource}:getIamPolicy", + // "response": { + // "$ref": "Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "metastore.projects.locations.federations.list": + +type ProjectsLocationsFederationsListCall struct { + s *APIService + parent string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: Lists federations in a project and location. +// +// - parent: The relative resource name of the location of metastore +// federations to list, in the following form: +// projects/{project_number}/locations/{location_id}. +func (r *ProjectsLocationsFederationsService) List(parent string) *ProjectsLocationsFederationsListCall { + c := &ProjectsLocationsFederationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent + return c +} + +// Filter sets the optional parameter "filter": The filter to apply to +// list results. +func (c *ProjectsLocationsFederationsListCall) Filter(filter string) *ProjectsLocationsFederationsListCall { + c.urlParams_.Set("filter", filter) + return c +} + +// OrderBy sets the optional parameter "orderBy": Specify the ordering +// of results as described in Sorting Order +// (https://cloud.google.com/apis/design/design_patterns#sorting_order). +// If not specified, the results will be sorted in the default order. +func (c *ProjectsLocationsFederationsListCall) OrderBy(orderBy string) *ProjectsLocationsFederationsListCall { + c.urlParams_.Set("orderBy", orderBy) + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number +// of federations to return. The response may contain less than the +// maximum number. If unspecified, no more than 500 services are +// returned. The maximum value is 1000; values above 1000 are changed to +// 1000. +func (c *ProjectsLocationsFederationsListCall) PageSize(pageSize int64) *ProjectsLocationsFederationsListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A page token, +// received from a previous ListFederationServices call. Provide this +// token to retrieve the subsequent page.To retrieve the first page, +// supply an empty page token.When paginating, other parameters provided +// to ListFederationServices must match the call that provided the page +// token. +func (c *ProjectsLocationsFederationsListCall) PageToken(pageToken string) *ProjectsLocationsFederationsListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsLocationsFederationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsFederationsListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *ProjectsLocationsFederationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsFederationsListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsLocationsFederationsListCall) Context(ctx context.Context) *ProjectsLocationsFederationsListCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsLocationsFederationsListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsFederationsListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha/{+parent}/federations") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "parent": c.parent, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "metastore.projects.locations.federations.list" call. +// Exactly one of *ListFederationsResponse or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *ListFederationsResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *ProjectsLocationsFederationsListCall) Do(opts ...googleapi.CallOption) (*ListFederationsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, &googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + } + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, err + } + ret := &ListFederationsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Lists federations in a project and location.", + // "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations", + // "httpMethod": "GET", + // "id": "metastore.projects.locations.federations.list", + // "parameterOrder": [ + // "parent" + // ], + // "parameters": { + // "filter": { + // "description": "Optional. The filter to apply to list results.", + // "location": "query", + // "type": "string" + // }, + // "orderBy": { + // "description": "Optional. Specify the ordering of results as described in Sorting Order (https://cloud.google.com/apis/design/design_patterns#sorting_order). If not specified, the results will be sorted in the default order.", + // "location": "query", + // "type": "string" + // }, + // "pageSize": { + // "description": "Optional. The maximum number of federations to return. The response may contain less than the maximum number. If unspecified, no more than 500 services are returned. The maximum value is 1000; values above 1000 are changed to 1000.", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "pageToken": { + // "description": "Optional. A page token, received from a previous ListFederationServices call. Provide this token to retrieve the subsequent page.To retrieve the first page, supply an empty page token.When paginating, other parameters provided to ListFederationServices must match the call that provided the page token.", + // "location": "query", + // "type": "string" + // }, + // "parent": { + // "description": "Required. The relative resource name of the location of metastore federations to list, in the following form: projects/{project_number}/locations/{location_id}.", + // "location": "path", + // "pattern": "^projects/[^/]+/locations/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1alpha/{+parent}/federations", + // "response": { + // "$ref": "ListFederationsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *ProjectsLocationsFederationsListCall) Pages(ctx context.Context, f func(*ListFederationsResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +// method id "metastore.projects.locations.federations.patch": + +type ProjectsLocationsFederationsPatchCall struct { + s *APIService + name string + federation *Federation + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Patch: Updates the fields of a federation. +// +// - name: Immutable. The relative resource name of the federation, of +// the form: +// projects/{project_number}/locations/{location_id}/federations/{feder +// ation_id}`. +func (r *ProjectsLocationsFederationsService) Patch(name string, federation *Federation) *ProjectsLocationsFederationsPatchCall { + c := &ProjectsLocationsFederationsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + c.federation = federation + return c +} + +// RequestId sets the optional parameter "requestId": A request ID. +// Specify a unique request ID to allow the server to ignore the request +// if it has completed. The server will ignore subsequent requests that +// provide a duplicate request ID for at least 60 minutes after the +// first request.For example, if an initial request times out, followed +// by another request with the same request ID, the server ignores the +// second request to prevent the creation of duplicate commitments.The +// request ID must be a valid UUID +// (https://en.wikipedia.org/wiki/Universally_unique_identifier#Format) +// A zero UUID (00000000-0000-0000-0000-000000000000) is not supported. +func (c *ProjectsLocationsFederationsPatchCall) RequestId(requestId string) *ProjectsLocationsFederationsPatchCall { + c.urlParams_.Set("requestId", requestId) + return c +} + +// UpdateMask sets the optional parameter "updateMask": Required. A +// field mask used to specify the fields to be overwritten in the +// metastore federation resource by the update. Fields specified in the +// update_mask are relative to the resource (not to the full request). A +// field is overwritten if it is in the mask. +func (c *ProjectsLocationsFederationsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsFederationsPatchCall { + c.urlParams_.Set("updateMask", updateMask) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsLocationsFederationsPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsFederationsPatchCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsLocationsFederationsPatchCall) Context(ctx context.Context) *ProjectsLocationsFederationsPatchCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsLocationsFederationsPatchCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsFederationsPatchCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.federation) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("PATCH", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "metastore.projects.locations.federations.patch" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsLocationsFederationsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, &googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + } + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, err + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Updates the fields of a federation.", + // "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/federations/{federationsId}", + // "httpMethod": "PATCH", + // "id": "metastore.projects.locations.federations.patch", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Immutable. The relative resource name of the federation, of the form: projects/{project_number}/locations/{location_id}/federations/{federation_id}`.", + // "location": "path", + // "pattern": "^projects/[^/]+/locations/[^/]+/federations/[^/]+$", + // "required": true, + // "type": "string" + // }, + // "requestId": { + // "description": "Optional. A request ID. Specify a unique request ID to allow the server to ignore the request if it has completed. The server will ignore subsequent requests that provide a duplicate request ID for at least 60 minutes after the first request.For example, if an initial request times out, followed by another request with the same request ID, the server ignores the second request to prevent the creation of duplicate commitments.The request ID must be a valid UUID (https://en.wikipedia.org/wiki/Universally_unique_identifier#Format) A zero UUID (00000000-0000-0000-0000-000000000000) is not supported.", + // "location": "query", + // "type": "string" + // }, + // "updateMask": { + // "description": "Required. A field mask used to specify the fields to be overwritten in the metastore federation resource by the update. Fields specified in the update_mask are relative to the resource (not to the full request). A field is overwritten if it is in the mask.", + // "format": "google-fieldmask", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v1alpha/{+name}", + // "request": { + // "$ref": "Federation" + // }, + // "response": { + // "$ref": "Operation" // }, // "scopes": [ // "https://www.googleapis.com/auth/cloud-platform" diff --git a/mybusinessbusinesscalls/v1/mybusinessbusinesscalls-api.json b/mybusinessbusinesscalls/v1/mybusinessbusinesscalls-api.json index 154e9feefda..a4d16d98dbd 100644 --- a/mybusinessbusinesscalls/v1/mybusinessbusinesscalls-api.json +++ b/mybusinessbusinesscalls/v1/mybusinessbusinesscalls-api.json @@ -3,7 +3,7 @@ "baseUrl": "https://mybusinessbusinesscalls.googleapis.com/", "batchPath": "batch", "canonicalName": "My Business Business Calls", - "description": "The My Business Business Calls API manages business calls information of a location on Google.", + "description": "The My Business Business Calls API manages business calls information of a location on Google and collect insights like the number of missed calls to their location. Additional information about Business calls can be found at https://support.google.com/business/answer/9688285?p=call_history. If the Google Business Profile links to a Google Ads account and call history is turned on, calls that last longer than a specific time, and that can be attributed to an ad interaction, will show in the linked Google Ads account under the \"Calls from Ads\" conversion. If smart bidding and call conversions are used in the optimization strategy, there could be a change in ad spend. Learn more about smart bidding. To view and perform actions on a location's calls, you need to be a `OWNER`, `CO_OWNER` or `MANAGER` of the location.", "discoveryVersion": "v1", "documentationLink": "https://developers.google.com/my-business/", "fullyEncodeReservedExpansion": true, @@ -198,7 +198,7 @@ } } }, - "revision": "20220301", + "revision": "20220620", "rootUrl": "https://mybusinessbusinesscalls.googleapis.com/", "schemas": { "AggregateMetrics": { diff --git a/servicenetworking/v1/servicenetworking-api.json b/servicenetworking/v1/servicenetworking-api.json index 97304e0850a..fe028795511 100644 --- a/servicenetworking/v1/servicenetworking-api.json +++ b/servicenetworking/v1/servicenetworking-api.json @@ -865,7 +865,7 @@ } } }, - "revision": "20220530", + "revision": "20220620", "rootUrl": "https://servicenetworking.googleapis.com/", "schemas": { "AddDnsRecordSetMetadata": { @@ -2365,27 +2365,6 @@ "description": "Bind API methods to metrics. Binding a method to a metric causes that metric's configured quota behaviors to apply to the method call.", "id": "MetricRule", "properties": { - "dynamicMetricCosts": { - "additionalProperties": { - "enum": [ - "DYNAMIC_COST_TYPE_UNSPECIFIED", - "REQUEST_BODY_BYTES", - "REQUEST_BODY_AND_HEADER_BYTES", - "RESPONSE_BODY_BYTES", - "RESPONSE_BODY_AND_HEADER_BYTES" - ], - "enumDescriptions": [ - "Unspecified dynamic cost type.", - "Cost is the request body bytes", - "Cost is the request body and HTTP header bytes", - "Cost is the response body bytes", - "Cost is the response body and header bytes" - ], - "type": "string" - }, - "description": "Metrics to update when the selected methods are called. The key of the map is the metric name, the value is the DynamicCostType to specify how to calculate the cost from the request. The cost amount will be increased for the metric against which the quota limits are defined. It is only implemented in CloudESF(go/cloudesf)", - "type": "object" - }, "metricCosts": { "additionalProperties": { "format": "int64", diff --git a/servicenetworking/v1/servicenetworking-gen.go b/servicenetworking/v1/servicenetworking-gen.go index bc3c4dc3bcd..f3ed41e4ddc 100644 --- a/servicenetworking/v1/servicenetworking-gen.go +++ b/servicenetworking/v1/servicenetworking-gen.go @@ -3123,14 +3123,6 @@ func (s *MetricDescriptorMetadata) MarshalJSON() ([]byte, error) { // causes that metric's configured quota behaviors to apply to the // method call. type MetricRule struct { - // DynamicMetricCosts: Metrics to update when the selected methods are - // called. The key of the map is the metric name, the value is the - // DynamicCostType to specify how to calculate the cost from the - // request. The cost amount will be increased for the metric against - // which the quota limits are defined. It is only implemented in - // CloudESF(go/cloudesf) - DynamicMetricCosts map[string]string `json:"dynamicMetricCosts,omitempty"` - // MetricCosts: Metrics to update when the selected methods are called, // and the associated cost applied to each metric. The key of the map is // the metric name, and the values are the amount increased for the @@ -3142,21 +3134,20 @@ type MetricRule struct { // selector for syntax details. Selector string `json:"selector,omitempty"` - // ForceSendFields is a list of field names (e.g. "DynamicMetricCosts") - // to unconditionally include in API requests. By default, fields with + // ForceSendFields is a list of field names (e.g. "MetricCosts") to + // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "DynamicMetricCosts") to - // include in API requests with the JSON null value. By default, fields - // with empty values are omitted from API requests. However, any field - // with an empty value appearing in NullFields will be sent to the - // server as null. It is an error if a field in this list has a - // non-empty value. This may be used to include null fields in Patch - // requests. + // NullFields is a list of field names (e.g. "MetricCosts") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` } diff --git a/servicenetworking/v1beta/servicenetworking-api.json b/servicenetworking/v1beta/servicenetworking-api.json index 6b33642d16c..f545ba998a3 100644 --- a/servicenetworking/v1beta/servicenetworking-api.json +++ b/servicenetworking/v1beta/servicenetworking-api.json @@ -307,7 +307,7 @@ } } }, - "revision": "20220513", + "revision": "20220620", "rootUrl": "https://servicenetworking.googleapis.com/", "schemas": { "AddDnsRecordSetMetadata": { @@ -1623,27 +1623,6 @@ "description": "Bind API methods to metrics. Binding a method to a metric causes that metric's configured quota behaviors to apply to the method call.", "id": "MetricRule", "properties": { - "dynamicMetricCosts": { - "additionalProperties": { - "enum": [ - "DYNAMIC_COST_TYPE_UNSPECIFIED", - "REQUEST_BODY_BYTES", - "REQUEST_BODY_AND_HEADER_BYTES", - "RESPONSE_BODY_BYTES", - "RESPONSE_BODY_AND_HEADER_BYTES" - ], - "enumDescriptions": [ - "Unspecified dynamic cost type.", - "Cost is the request body bytes", - "Cost is the request body and HTTP header bytes", - "Cost is the response body bytes", - "Cost is the response body and header bytes" - ], - "type": "string" - }, - "description": "Metrics to update when the selected methods are called. The key of the map is the metric name, the value is the DynamicCostType to specify how to calculate the cost from the request. The cost amount will be increased for the metric against which the quota limits are defined. It is only implemented in CloudESF(go/cloudesf)", - "type": "object" - }, "metricCosts": { "additionalProperties": { "format": "int64", diff --git a/servicenetworking/v1beta/servicenetworking-gen.go b/servicenetworking/v1beta/servicenetworking-gen.go index 9c632aa5481..a8efbc24ea2 100644 --- a/servicenetworking/v1beta/servicenetworking-gen.go +++ b/servicenetworking/v1beta/servicenetworking-gen.go @@ -2634,14 +2634,6 @@ func (s *MetricDescriptorMetadata) MarshalJSON() ([]byte, error) { // causes that metric's configured quota behaviors to apply to the // method call. type MetricRule struct { - // DynamicMetricCosts: Metrics to update when the selected methods are - // called. The key of the map is the metric name, the value is the - // DynamicCostType to specify how to calculate the cost from the - // request. The cost amount will be increased for the metric against - // which the quota limits are defined. It is only implemented in - // CloudESF(go/cloudesf) - DynamicMetricCosts map[string]string `json:"dynamicMetricCosts,omitempty"` - // MetricCosts: Metrics to update when the selected methods are called, // and the associated cost applied to each metric. The key of the map is // the metric name, and the values are the amount increased for the @@ -2653,21 +2645,20 @@ type MetricRule struct { // selector for syntax details. Selector string `json:"selector,omitempty"` - // ForceSendFields is a list of field names (e.g. "DynamicMetricCosts") - // to unconditionally include in API requests. By default, fields with + // ForceSendFields is a list of field names (e.g. "MetricCosts") to + // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "DynamicMetricCosts") to - // include in API requests with the JSON null value. By default, fields - // with empty values are omitted from API requests. However, any field - // with an empty value appearing in NullFields will be sent to the - // server as null. It is an error if a field in this list has a - // non-empty value. This may be used to include null fields in Patch - // requests. + // NullFields is a list of field names (e.g. "MetricCosts") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` } diff --git a/sheets/v4/sheets-api.json b/sheets/v4/sheets-api.json index 47be067d757..b7655ac4c69 100644 --- a/sheets/v4/sheets-api.json +++ b/sheets/v4/sheets-api.json @@ -870,7 +870,7 @@ } } }, - "revision": "20220606", + "revision": "20220613", "rootUrl": "https://sheets.googleapis.com/", "schemas": { "AddBandingRequest": { @@ -2178,7 +2178,7 @@ "properties": { "color": { "$ref": "Color", - "description": "The color of the border. Deprecated: Use [color_style]." + "description": "The color of the border. Deprecated: Use color_style." }, "colorStyle": { "$ref": "ColorStyle", @@ -2474,7 +2474,7 @@ "type": "string" }, "hyperlinkDisplayType": { - "description": "How a hyperlink, if it exists, should be displayed in the cell.", + "description": "If one exists, how a hyperlink should be displayed in the cell.", "enum": [ "HYPERLINK_DISPLAY_TYPE_UNSPECIFIED", "LINKED", @@ -2511,11 +2511,11 @@ }, "textFormat": { "$ref": "TextFormat", - "description": "The format of the text in the cell (unless overridden by a format run). Setting a cell-level link here will clear the cell's existing links. Setting the link field in a TextFormatRun will take precedence over the cell-level link." + "description": "The format of the text in the cell (unless overridden by a format run). Setting a cell-level link here clears the cell's existing links. Setting the link field in a TextFormatRun takes precedence over the cell-level link." }, "textRotation": { "$ref": "TextRotation", - "description": "The rotation applied to text in a cell" + "description": "The rotation applied to text in the cell." }, "verticalAlignment": { "description": "The vertical alignment of the value in the cell.", diff --git a/sheets/v4/sheets-gen.go b/sheets/v4/sheets-gen.go index 2f5a2f2659e..8b718d8ca5a 100644 --- a/sheets/v4/sheets-gen.go +++ b/sheets/v4/sheets-gen.go @@ -2515,7 +2515,7 @@ func (s *BooleanRule) MarshalJSON() ([]byte, error) { // Border: A border along a cell. type Border struct { - // Color: The color of the border. Deprecated: Use [color_style]. + // Color: The color of the border. Deprecated: Use color_style. Color *Color `json:"color,omitempty"` // ColorStyle: The color of the border. If color is also set, this field @@ -2965,7 +2965,7 @@ type CellFormat struct { // "RIGHT" - The text is explicitly aligned to the right of the cell. HorizontalAlignment string `json:"horizontalAlignment,omitempty"` - // HyperlinkDisplayType: How a hyperlink, if it exists, should be + // HyperlinkDisplayType: If one exists, how a hyperlink should be // displayed in the cell. // // Possible values: @@ -2994,12 +2994,12 @@ type CellFormat struct { TextDirection string `json:"textDirection,omitempty"` // TextFormat: The format of the text in the cell (unless overridden by - // a format run). Setting a cell-level link here will clear the cell's - // existing links. Setting the link field in a TextFormatRun will take + // a format run). Setting a cell-level link here clears the cell's + // existing links. Setting the link field in a TextFormatRun takes // precedence over the cell-level link. TextFormat *TextFormat `json:"textFormat,omitempty"` - // TextRotation: The rotation applied to text in a cell + // TextRotation: The rotation applied to text in the cell. TextRotation *TextRotation `json:"textRotation,omitempty"` // VerticalAlignment: The vertical alignment of the value in the cell. diff --git a/spanner/v1/spanner-api.json b/spanner/v1/spanner-api.json index 8c5d689e0d7..10cc9594fc6 100644 --- a/spanner/v1/spanner-api.json +++ b/spanner/v1/spanner-api.json @@ -2233,7 +2233,7 @@ } } }, - "revision": "20220531", + "revision": "20220615", "rootUrl": "https://spanner.googleapis.com/", "schemas": { "Backup": { @@ -4674,7 +4674,7 @@ "type": "object" }, "TransactionOptions": { - "description": "In addition, if TransactionOptions.read_only.return_read_timestamp is set to true, a special value of 2^63 - 2 will be returned in the Transaction message that describes the transaction, instead of a valid read timestamp. This special value should be discarded and not used for any subsequent queries. Please see https://cloud.google.com/spanner/docs/change-streams for more details on how to query the change stream TVFs. Partitioned DML transactions: Partitioned DML transactions are used to execute DML statements with a different execution strategy that provides different, and often better, scalability properties for large, table-wide operations than DML in a ReadWrite transaction. Smaller scoped statements, such as an OLTP workload, should prefer using ReadWrite transactions. Partitioned DML partitions the keyspace and runs the DML statement on each partition in separate, internal transactions. These transactions commit automatically when complete, and run independently from one another. To reduce lock contention, this execution strategy only acquires read locks on rows that match the WHERE clause of the statement. Additionally, the smaller per-partition transactions hold locks for less time. That said, Partitioned DML is not a drop-in replacement for standard DML used in ReadWrite transactions. - The DML statement must be fully-partitionable. Specifically, the statement must be expressible as the union of many statements which each access only a single row of the table. - The statement is not applied atomically to all rows of the table. Rather, the statement is applied atomically to partitions of the table, in independent transactions. Secondary index rows are updated atomically with the base table rows. - Partitioned DML does not guarantee exactly-once execution semantics against a partition. The statement will be applied at least once to each partition. It is strongly recommended that the DML statement should be idempotent to avoid unexpected results. For instance, it is potentially dangerous to run a statement such as `UPDATE table SET column = column + 1` as it could be run multiple times against some rows. - The partitions are committed automatically - there is no support for Commit or Rollback. If the call returns an error, or if the client issuing the ExecuteSql call dies, it is possible that some rows had the statement executed on them successfully. It is also possible that statement was never executed against other rows. - Partitioned DML transactions may only contain the execution of a single DML statement via ExecuteSql or ExecuteStreamingSql. - If any error is encountered during the execution of the partitioned DML operation (for instance, a UNIQUE INDEX violation, division by zero, or a value that cannot be stored due to schema constraints), then the operation is stopped at that point and an error is returned. It is possible that at this point, some partitions have been committed (or even committed multiple times), and other partitions have not been run at all. Given the above, Partitioned DML is good fit for large, database-wide, operations that are idempotent, such as deleting old rows from a very large table.", + "description": "Transactions: Each session can have at most one active transaction at a time (note that standalone reads and queries use a transaction internally and do count towards the one transaction limit). After the active transaction is completed, the session can immediately be re-used for the next transaction. It is not necessary to create a new session for each transaction. Transaction modes: Cloud Spanner supports three transaction modes: 1. Locking read-write. This type of transaction is the only way to write data into Cloud Spanner. These transactions rely on pessimistic locking and, if necessary, two-phase commit. Locking read-write transactions may abort, requiring the application to retry. 2. Snapshot read-only. Snapshot read-only transactions provide guaranteed consistency across several reads, but do not allow writes. Snapshot read-only transactions can be configured to read at timestamps in the past, or configured to perform a strong read (where Spanner will select a timestamp such that the read is guaranteed to see the effects of all transactions that have committed before the start of the read). Snapshot read-only transactions do not need to be committed. Queries on change streams must be performed with the snapshot read-only transaction mode, specifying a strong read. Please see TransactionOptions.ReadOnly.strong for more details. 3. Partitioned DML. This type of transaction is used to execute a single Partitioned DML statement. Partitioned DML partitions the key space and runs the DML statement over each partition in parallel using separate, internal transactions that commit independently. Partitioned DML transactions do not need to be committed. For transactions that only read, snapshot read-only transactions provide simpler semantics and are almost always faster. In particular, read-only transactions do not take locks, so they do not conflict with read-write transactions. As a consequence of not taking locks, they also do not abort, so retry loops are not needed. Transactions may only read-write data in a single database. They may, however, read-write data in different tables within that database. Locking read-write transactions: Locking transactions may be used to atomically read-modify-write data anywhere in a database. This type of transaction is externally consistent. Clients should attempt to minimize the amount of time a transaction is active. Faster transactions commit with higher probability and cause less contention. Cloud Spanner attempts to keep read locks active as long as the transaction continues to do reads, and the transaction has not been terminated by Commit or Rollback. Long periods of inactivity at the client may cause Cloud Spanner to release a transaction's locks and abort it. Conceptually, a read-write transaction consists of zero or more reads or SQL statements followed by Commit. At any time before Commit, the client can send a Rollback request to abort the transaction. Semantics: Cloud Spanner can commit the transaction if all read locks it acquired are still valid at commit time, and it is able to acquire write locks for all writes. Cloud Spanner can abort the transaction for any reason. If a commit attempt returns `ABORTED`, Cloud Spanner guarantees that the transaction has not modified any user data in Cloud Spanner. Unless the transaction commits, Cloud Spanner makes no guarantees about how long the transaction's locks were held for. It is an error to use Cloud Spanner locks for any sort of mutual exclusion other than between Cloud Spanner transactions themselves. Retrying aborted transactions: When a transaction aborts, the application can choose to retry the whole transaction again. To maximize the chances of successfully committing the retry, the client should execute the retry in the same session as the original attempt. The original session's lock priority increases with each consecutive abort, meaning that each attempt has a slightly better chance of success than the previous. Under some circumstances (for example, many transactions attempting to modify the same row(s)), a transaction can abort many times in a short period before successfully committing. Thus, it is not a good idea to cap the number of retries a transaction can attempt; instead, it is better to limit the total amount of time spent retrying. Idle transactions: A transaction is considered idle if it has no outstanding reads or SQL queries and has not started a read or SQL query within the last 10 seconds. Idle transactions can be aborted by Cloud Spanner so that they don't hold on to locks indefinitely. If an idle transaction is aborted, the commit will fail with error `ABORTED`. If this behavior is undesirable, periodically executing a simple SQL query in the transaction (for example, `SELECT 1`) prevents the transaction from becoming idle. Snapshot read-only transactions: Snapshot read-only transactions provides a simpler method than locking read-write transactions for doing several consistent reads. However, this type of transaction does not support writes. Snapshot transactions do not take locks. Instead, they work by choosing a Cloud Spanner timestamp, then executing all reads at that timestamp. Since they do not acquire locks, they do not block concurrent read-write transactions. Unlike locking read-write transactions, snapshot read-only transactions never abort. They can fail if the chosen read timestamp is garbage collected; however, the default garbage collection policy is generous enough that most applications do not need to worry about this in practice. Snapshot read-only transactions do not need to call Commit or Rollback (and in fact are not permitted to do so). To execute a snapshot transaction, the client specifies a timestamp bound, which tells Cloud Spanner how to choose a read timestamp. The types of timestamp bound are: - Strong (the default). - Bounded staleness. - Exact staleness. If the Cloud Spanner database to be read is geographically distributed, stale read-only transactions can execute more quickly than strong or read-write transactions, because they are able to execute far from the leader replica. Each type of timestamp bound is discussed in detail below. Strong: Strong reads are guaranteed to see the effects of all transactions that have committed before the start of the read. Furthermore, all rows yielded by a single read are consistent with each other -- if any part of the read observes a transaction, all parts of the read see the transaction. Strong reads are not repeatable: two consecutive strong read-only transactions might return inconsistent results if there are concurrent writes. If consistency across reads is required, the reads should be executed within a transaction or at an exact read timestamp. Queries on change streams (see below for more details) must also specify the strong read timestamp bound. See TransactionOptions.ReadOnly.strong. Exact staleness: These timestamp bounds execute reads at a user-specified timestamp. Reads at a timestamp are guaranteed to see a consistent prefix of the global transaction history: they observe modifications done by all transactions with a commit timestamp less than or equal to the read timestamp, and observe none of the modifications done by transactions with a larger commit timestamp. They will block until all conflicting transactions that may be assigned commit timestamps \u003c= the read timestamp have finished. The timestamp can either be expressed as an absolute Cloud Spanner commit timestamp or a staleness relative to the current time. These modes do not require a \"negotiation phase\" to pick a timestamp. As a result, they execute slightly faster than the equivalent boundedly stale concurrency modes. On the other hand, boundedly stale reads usually return fresher results. See TransactionOptions.ReadOnly.read_timestamp and TransactionOptions.ReadOnly.exact_staleness. Bounded staleness: Bounded staleness modes allow Cloud Spanner to pick the read timestamp, subject to a user-provided staleness bound. Cloud Spanner chooses the newest timestamp within the staleness bound that allows execution of the reads at the closest available replica without blocking. All rows yielded are consistent with each other -- if any part of the read observes a transaction, all parts of the read see the transaction. Boundedly stale reads are not repeatable: two stale reads, even if they use the same staleness bound, can execute at different timestamps and thus return inconsistent results. Boundedly stale reads execute in two phases: the first phase negotiates a timestamp among all replicas needed to serve the read. In the second phase, reads are executed at the negotiated timestamp. As a result of the two phase execution, bounded staleness reads are usually a little slower than comparable exact staleness reads. However, they are typically able to return fresher results, and are more likely to execute at the closest replica. Because the timestamp negotiation requires up-front knowledge of which rows will be read, it can only be used with single-use read-only transactions. See TransactionOptions.ReadOnly.max_staleness and TransactionOptions.ReadOnly.min_read_timestamp. Old read timestamps and garbage collection: Cloud Spanner continuously garbage collects deleted and overwritten data in the background to reclaim storage space. This process is known as \"version GC\". By default, version GC reclaims versions after they are one hour old. Because of this, Cloud Spanner cannot perform reads at read timestamps more than one hour in the past. This restriction also applies to in-progress reads and/or SQL queries whose timestamp become too old while executing. Reads and SQL queries with too-old read timestamps fail with the error `FAILED_PRECONDITION`. You can configure and extend the `VERSION_RETENTION_PERIOD` of a database up to a period as long as one week, which allows Cloud Spanner to perform reads up to one week in the past. Querying change Streams: A Change Stream is a schema object that can be configured to watch data changes on the entire database, a set of tables, or a set of columns in a database. When a change stream is created, Spanner automatically defines a corresponding SQL Table-Valued Function (TVF) that can be used to query the change records in the associated change stream using the ExecuteStreamingSql API. The name of the TVF for a change stream is generated from the name of the change stream: READ_. All queries on change stream TVFs must be executed using the ExecuteStreamingSql API with a single-use read-only transaction with a strong read-only timestamp_bound. The change stream TVF allows users to specify the start_timestamp and end_timestamp for the time range of interest. All change records within the retention period is accessible using the strong read-only timestamp_bound. All other TransactionOptions are invalid for change stream queries. In addition, if TransactionOptions.read_only.return_read_timestamp is set to true, a special value of 2^63 - 2 will be returned in the Transaction message that describes the transaction, instead of a valid read timestamp. This special value should be discarded and not used for any subsequent queries. Please see https://cloud.google.com/spanner/docs/change-streams for more details on how to query the change stream TVFs. Partitioned DML transactions: Partitioned DML transactions are used to execute DML statements with a different execution strategy that provides different, and often better, scalability properties for large, table-wide operations than DML in a ReadWrite transaction. Smaller scoped statements, such as an OLTP workload, should prefer using ReadWrite transactions. Partitioned DML partitions the keyspace and runs the DML statement on each partition in separate, internal transactions. These transactions commit automatically when complete, and run independently from one another. To reduce lock contention, this execution strategy only acquires read locks on rows that match the WHERE clause of the statement. Additionally, the smaller per-partition transactions hold locks for less time. That said, Partitioned DML is not a drop-in replacement for standard DML used in ReadWrite transactions. - The DML statement must be fully-partitionable. Specifically, the statement must be expressible as the union of many statements which each access only a single row of the table. - The statement is not applied atomically to all rows of the table. Rather, the statement is applied atomically to partitions of the table, in independent transactions. Secondary index rows are updated atomically with the base table rows. - Partitioned DML does not guarantee exactly-once execution semantics against a partition. The statement will be applied at least once to each partition. It is strongly recommended that the DML statement should be idempotent to avoid unexpected results. For instance, it is potentially dangerous to run a statement such as `UPDATE table SET column = column + 1` as it could be run multiple times against some rows. - The partitions are committed automatically - there is no support for Commit or Rollback. If the call returns an error, or if the client issuing the ExecuteSql call dies, it is possible that some rows had the statement executed on them successfully. It is also possible that statement was never executed against other rows. - Partitioned DML transactions may only contain the execution of a single DML statement via ExecuteSql or ExecuteStreamingSql. - If any error is encountered during the execution of the partitioned DML operation (for instance, a UNIQUE INDEX violation, division by zero, or a value that cannot be stored due to schema constraints), then the operation is stopped at that point and an error is returned. It is possible that at this point, some partitions have been committed (or even committed multiple times), and other partitions have not been run at all. Given the above, Partitioned DML is good fit for large, database-wide, operations that are idempotent, such as deleting old rows from a very large table.", "id": "TransactionOptions", "properties": { "partitionedDml": { diff --git a/spanner/v1/spanner-gen.go b/spanner/v1/spanner-gen.go index 6ac99044fae..070923bc86a 100644 --- a/spanner/v1/spanner-gen.go +++ b/spanner/v1/spanner-gen.go @@ -4905,7 +4905,172 @@ func (s *Transaction) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// TransactionOptions: In addition, if +// TransactionOptions: Transactions: Each session can have at most one +// active transaction at a time (note that standalone reads and queries +// use a transaction internally and do count towards the one transaction +// limit). After the active transaction is completed, the session can +// immediately be re-used for the next transaction. It is not necessary +// to create a new session for each transaction. Transaction modes: +// Cloud Spanner supports three transaction modes: 1. Locking +// read-write. This type of transaction is the only way to write data +// into Cloud Spanner. These transactions rely on pessimistic locking +// and, if necessary, two-phase commit. Locking read-write transactions +// may abort, requiring the application to retry. 2. Snapshot read-only. +// Snapshot read-only transactions provide guaranteed consistency across +// several reads, but do not allow writes. Snapshot read-only +// transactions can be configured to read at timestamps in the past, or +// configured to perform a strong read (where Spanner will select a +// timestamp such that the read is guaranteed to see the effects of all +// transactions that have committed before the start of the read). +// Snapshot read-only transactions do not need to be committed. Queries +// on change streams must be performed with the snapshot read-only +// transaction mode, specifying a strong read. Please see +// TransactionOptions.ReadOnly.strong for more details. 3. Partitioned +// DML. This type of transaction is used to execute a single Partitioned +// DML statement. Partitioned DML partitions the key space and runs the +// DML statement over each partition in parallel using separate, +// internal transactions that commit independently. Partitioned DML +// transactions do not need to be committed. For transactions that only +// read, snapshot read-only transactions provide simpler semantics and +// are almost always faster. In particular, read-only transactions do +// not take locks, so they do not conflict with read-write transactions. +// As a consequence of not taking locks, they also do not abort, so +// retry loops are not needed. Transactions may only read-write data in +// a single database. They may, however, read-write data in different +// tables within that database. Locking read-write transactions: Locking +// transactions may be used to atomically read-modify-write data +// anywhere in a database. This type of transaction is externally +// consistent. Clients should attempt to minimize the amount of time a +// transaction is active. Faster transactions commit with higher +// probability and cause less contention. Cloud Spanner attempts to keep +// read locks active as long as the transaction continues to do reads, +// and the transaction has not been terminated by Commit or Rollback. +// Long periods of inactivity at the client may cause Cloud Spanner to +// release a transaction's locks and abort it. Conceptually, a +// read-write transaction consists of zero or more reads or SQL +// statements followed by Commit. At any time before Commit, the client +// can send a Rollback request to abort the transaction. Semantics: +// Cloud Spanner can commit the transaction if all read locks it +// acquired are still valid at commit time, and it is able to acquire +// write locks for all writes. Cloud Spanner can abort the transaction +// for any reason. If a commit attempt returns `ABORTED`, Cloud Spanner +// guarantees that the transaction has not modified any user data in +// Cloud Spanner. Unless the transaction commits, Cloud Spanner makes no +// guarantees about how long the transaction's locks were held for. It +// is an error to use Cloud Spanner locks for any sort of mutual +// exclusion other than between Cloud Spanner transactions themselves. +// Retrying aborted transactions: When a transaction aborts, the +// application can choose to retry the whole transaction again. To +// maximize the chances of successfully committing the retry, the client +// should execute the retry in the same session as the original attempt. +// The original session's lock priority increases with each consecutive +// abort, meaning that each attempt has a slightly better chance of +// success than the previous. Under some circumstances (for example, +// many transactions attempting to modify the same row(s)), a +// transaction can abort many times in a short period before +// successfully committing. Thus, it is not a good idea to cap the +// number of retries a transaction can attempt; instead, it is better to +// limit the total amount of time spent retrying. Idle transactions: A +// transaction is considered idle if it has no outstanding reads or SQL +// queries and has not started a read or SQL query within the last 10 +// seconds. Idle transactions can be aborted by Cloud Spanner so that +// they don't hold on to locks indefinitely. If an idle transaction is +// aborted, the commit will fail with error `ABORTED`. If this behavior +// is undesirable, periodically executing a simple SQL query in the +// transaction (for example, `SELECT 1`) prevents the transaction from +// becoming idle. Snapshot read-only transactions: Snapshot read-only +// transactions provides a simpler method than locking read-write +// transactions for doing several consistent reads. However, this type +// of transaction does not support writes. Snapshot transactions do not +// take locks. Instead, they work by choosing a Cloud Spanner timestamp, +// then executing all reads at that timestamp. Since they do not acquire +// locks, they do not block concurrent read-write transactions. Unlike +// locking read-write transactions, snapshot read-only transactions +// never abort. They can fail if the chosen read timestamp is garbage +// collected; however, the default garbage collection policy is generous +// enough that most applications do not need to worry about this in +// practice. Snapshot read-only transactions do not need to call Commit +// or Rollback (and in fact are not permitted to do so). To execute a +// snapshot transaction, the client specifies a timestamp bound, which +// tells Cloud Spanner how to choose a read timestamp. The types of +// timestamp bound are: - Strong (the default). - Bounded staleness. - +// Exact staleness. If the Cloud Spanner database to be read is +// geographically distributed, stale read-only transactions can execute +// more quickly than strong or read-write transactions, because they are +// able to execute far from the leader replica. Each type of timestamp +// bound is discussed in detail below. Strong: Strong reads are +// guaranteed to see the effects of all transactions that have committed +// before the start of the read. Furthermore, all rows yielded by a +// single read are consistent with each other -- if any part of the read +// observes a transaction, all parts of the read see the transaction. +// Strong reads are not repeatable: two consecutive strong read-only +// transactions might return inconsistent results if there are +// concurrent writes. If consistency across reads is required, the reads +// should be executed within a transaction or at an exact read +// timestamp. Queries on change streams (see below for more details) +// must also specify the strong read timestamp bound. See +// TransactionOptions.ReadOnly.strong. Exact staleness: These timestamp +// bounds execute reads at a user-specified timestamp. Reads at a +// timestamp are guaranteed to see a consistent prefix of the global +// transaction history: they observe modifications done by all +// transactions with a commit timestamp less than or equal to the read +// timestamp, and observe none of the modifications done by transactions +// with a larger commit timestamp. They will block until all conflicting +// transactions that may be assigned commit timestamps <= the read +// timestamp have finished. The timestamp can either be expressed as an +// absolute Cloud Spanner commit timestamp or a staleness relative to +// the current time. These modes do not require a "negotiation phase" to +// pick a timestamp. As a result, they execute slightly faster than the +// equivalent boundedly stale concurrency modes. On the other hand, +// boundedly stale reads usually return fresher results. See +// TransactionOptions.ReadOnly.read_timestamp and +// TransactionOptions.ReadOnly.exact_staleness. Bounded staleness: +// Bounded staleness modes allow Cloud Spanner to pick the read +// timestamp, subject to a user-provided staleness bound. Cloud Spanner +// chooses the newest timestamp within the staleness bound that allows +// execution of the reads at the closest available replica without +// blocking. All rows yielded are consistent with each other -- if any +// part of the read observes a transaction, all parts of the read see +// the transaction. Boundedly stale reads are not repeatable: two stale +// reads, even if they use the same staleness bound, can execute at +// different timestamps and thus return inconsistent results. Boundedly +// stale reads execute in two phases: the first phase negotiates a +// timestamp among all replicas needed to serve the read. In the second +// phase, reads are executed at the negotiated timestamp. As a result of +// the two phase execution, bounded staleness reads are usually a little +// slower than comparable exact staleness reads. However, they are +// typically able to return fresher results, and are more likely to +// execute at the closest replica. Because the timestamp negotiation +// requires up-front knowledge of which rows will be read, it can only +// be used with single-use read-only transactions. See +// TransactionOptions.ReadOnly.max_staleness and +// TransactionOptions.ReadOnly.min_read_timestamp. Old read timestamps +// and garbage collection: Cloud Spanner continuously garbage collects +// deleted and overwritten data in the background to reclaim storage +// space. This process is known as "version GC". By default, version GC +// reclaims versions after they are one hour old. Because of this, Cloud +// Spanner cannot perform reads at read timestamps more than one hour in +// the past. This restriction also applies to in-progress reads and/or +// SQL queries whose timestamp become too old while executing. Reads and +// SQL queries with too-old read timestamps fail with the error +// `FAILED_PRECONDITION`. You can configure and extend the +// `VERSION_RETENTION_PERIOD` of a database up to a period as long as +// one week, which allows Cloud Spanner to perform reads up to one week +// in the past. Querying change Streams: A Change Stream is a schema +// object that can be configured to watch data changes on the entire +// database, a set of tables, or a set of columns in a database. When a +// change stream is created, Spanner automatically defines a +// corresponding SQL Table-Valued Function (TVF) that can be used to +// query the change records in the associated change stream using the +// ExecuteStreamingSql API. The name of the TVF for a change stream is +// generated from the name of the change stream: READ_. All queries on +// change stream TVFs must be executed using the ExecuteStreamingSql API +// with a single-use read-only transaction with a strong read-only +// timestamp_bound. The change stream TVF allows users to specify the +// start_timestamp and end_timestamp for the time range of interest. All +// change records within the retention period is accessible using the +// strong read-only timestamp_bound. All other TransactionOptions are +// invalid for change stream queries. In addition, if // TransactionOptions.read_only.return_read_timestamp is set to true, a // special value of 2^63 - 2 will be returned in the Transaction message // that describes the transaction, instead of a valid read timestamp.