diff --git a/analyticshub/v1/analyticshub-api.json b/analyticshub/v1/analyticshub-api.json index 08fad63eb7b..f3012e44e71 100644 --- a/analyticshub/v1/analyticshub-api.json +++ b/analyticshub/v1/analyticshub-api.json @@ -1022,7 +1022,7 @@ } } }, - "revision": "20231127", + "revision": "20240103", "rootUrl": "https://analyticshub.googleapis.com/", "schemas": { "AuditConfig": { @@ -1093,7 +1093,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/analyticshub/v1/analyticshub-gen.go b/analyticshub/v1/analyticshub-gen.go index f225e0c0558..cdb7a97c8fb 100644 --- a/analyticshub/v1/analyticshub-gen.go +++ b/analyticshub/v1/analyticshub-gen.go @@ -422,11 +422,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -438,7 +461,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/analyticshub/v1beta1/analyticshub-api.json b/analyticshub/v1beta1/analyticshub-api.json index 81f30be7d5a..c39720c247d 100644 --- a/analyticshub/v1beta1/analyticshub-api.json +++ b/analyticshub/v1beta1/analyticshub-api.json @@ -695,7 +695,7 @@ } } }, - "revision": "20230923", + "revision": "20240103", "rootUrl": "https://analyticshub.googleapis.com/", "schemas": { "AuditConfig": { @@ -766,7 +766,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/analyticshub/v1beta1/analyticshub-gen.go b/analyticshub/v1beta1/analyticshub-gen.go index 042a9c914b5..197f9639bba 100644 --- a/analyticshub/v1beta1/analyticshub-gen.go +++ b/analyticshub/v1beta1/analyticshub-gen.go @@ -410,11 +410,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -426,7 +449,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/bigquerydatapolicy/v1/bigquerydatapolicy-api.json b/bigquerydatapolicy/v1/bigquerydatapolicy-api.json index 404f95110e8..edf6ec887b5 100644 --- a/bigquerydatapolicy/v1/bigquerydatapolicy-api.json +++ b/bigquerydatapolicy/v1/bigquerydatapolicy-api.json @@ -395,7 +395,7 @@ } } }, - "revision": "20231016", + "revision": "20240107", "rootUrl": "https://bigquerydatapolicy.googleapis.com/", "schemas": { "AuditConfig": { @@ -455,7 +455,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/bigquerydatapolicy/v1/bigquerydatapolicy-gen.go b/bigquerydatapolicy/v1/bigquerydatapolicy-gen.go index bbeeacb514e..bf7a9157e13 100644 --- a/bigquerydatapolicy/v1/bigquerydatapolicy-gen.go +++ b/bigquerydatapolicy/v1/bigquerydatapolicy-gen.go @@ -327,11 +327,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -343,7 +366,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. diff --git a/bigtableadmin/v2/bigtableadmin-api.json b/bigtableadmin/v2/bigtableadmin-api.json index 5992e224316..c04b1fdd151 100644 --- a/bigtableadmin/v2/bigtableadmin-api.json +++ b/bigtableadmin/v2/bigtableadmin-api.json @@ -131,66 +131,6 @@ "resources": { "operations": { "methods": { - "cancel": { - "description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", - "flatPath": "v2/operations/{operationsId}:cancel", - "httpMethod": "POST", - "id": "bigtableadmin.operations.cancel", - "parameterOrder": [ - "name" - ], - "parameters": { - "name": { - "description": "The name of the operation resource to be cancelled.", - "location": "path", - "pattern": "^operations/.*$", - "required": true, - "type": "string" - } - }, - "path": "v2/{+name}:cancel", - "response": { - "$ref": "Empty" - }, - "scopes": [ - "https://www.googleapis.com/auth/bigtable.admin", - "https://www.googleapis.com/auth/bigtable.admin.cluster", - "https://www.googleapis.com/auth/bigtable.admin.instance", - "https://www.googleapis.com/auth/cloud-bigtable.admin", - "https://www.googleapis.com/auth/cloud-bigtable.admin.cluster", - "https://www.googleapis.com/auth/cloud-platform" - ] - }, - "delete": { - "description": "Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`.", - "flatPath": "v2/operations/{operationsId}", - "httpMethod": "DELETE", - "id": "bigtableadmin.operations.delete", - "parameterOrder": [ - "name" - ], - "parameters": { - "name": { - "description": "The name of the operation resource to be deleted.", - "location": "path", - "pattern": "^operations/.*$", - "required": true, - "type": "string" - } - }, - "path": "v2/{+name}", - "response": { - "$ref": "Empty" - }, - "scopes": [ - "https://www.googleapis.com/auth/bigtable.admin", - "https://www.googleapis.com/auth/bigtable.admin.cluster", - "https://www.googleapis.com/auth/bigtable.admin.instance", - "https://www.googleapis.com/auth/cloud-bigtable.admin", - "https://www.googleapis.com/auth/cloud-bigtable.admin.cluster", - "https://www.googleapis.com/auth/cloud-platform" - ] - }, "get": { "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", "flatPath": "v2/operations/{operationsId}", @@ -1883,37 +1823,6 @@ }, "locations": { "methods": { - "get": { - "description": "Gets information about a location.", - "flatPath": "v2/projects/{projectsId}/locations/{locationsId}", - "httpMethod": "GET", - "id": "bigtableadmin.projects.locations.get", - "parameterOrder": [ - "name" - ], - "parameters": { - "name": { - "description": "Resource name for the location.", - "location": "path", - "pattern": "^projects/[^/]+/locations/[^/]+$", - "required": true, - "type": "string" - } - }, - "path": "v2/{+name}", - "response": { - "$ref": "Location" - }, - "scopes": [ - "https://www.googleapis.com/auth/bigtable.admin", - "https://www.googleapis.com/auth/bigtable.admin.cluster", - "https://www.googleapis.com/auth/bigtable.admin.instance", - "https://www.googleapis.com/auth/cloud-bigtable.admin", - "https://www.googleapis.com/auth/cloud-bigtable.admin.cluster", - "https://www.googleapis.com/auth/cloud-platform", - "https://www.googleapis.com/auth/cloud-platform.read-only" - ] - }, "list": { "description": "Lists information about the supported locations for this service.", "flatPath": "v2/projects/{projectsId}/locations", @@ -1966,7 +1875,7 @@ } } }, - "revision": "20231029", + "revision": "20231212", "rootUrl": "https://bigtableadmin.googleapis.com/", "schemas": { "AppProfile": { @@ -2205,7 +2114,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.", "items": { "type": "string" }, diff --git a/bigtableadmin/v2/bigtableadmin-gen.go b/bigtableadmin/v2/bigtableadmin-gen.go index 63628338685..17e288ffbee 100644 --- a/bigtableadmin/v2/bigtableadmin-gen.go +++ b/bigtableadmin/v2/bigtableadmin-gen.go @@ -727,11 +727,34 @@ type Binding struct { // For example, `admins@example.com`. * `domain:{domain}`: The G Suite // domain (primary) that represents all the users of that domain. For // example, `google.com` or `example.com`. * - // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - // unique identifier) representing a user that has been recently - // deleted. For example, `alice@example.com?uid=123456789012345678901`. - // If the user is recovered, this value reverts to `user:{emailid}` and - // the recovered user retains the role in the binding. * + // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_ + // id}/subject/{subject_attribute_value}`: A single identity in a + // workforce identity pool. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/group/{group_id}`: All workforce identities in a group. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/attribute.{attribute_name}/{attribute_value}`: All workforce + // identities with a specific attribute value. * + // `principalSet://iam.googleapis.com/locations/global/workforcePools/{po + // ol_id}/*`: All identities in a workforce identity pool. * + // `principal://iam.googleapis.com/projects/{project_number}/locations/gl + // obal/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value} + // `: A single identity in a workload identity pool. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload + // identity pool group. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{at + // tribute_value}`: All identities in a workload identity pool with a + // certain attribute. * + // `principalSet://iam.googleapis.com/projects/{project_number}/locations + // /global/workloadIdentityPools/{pool_id}/*`: All identities in a + // workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An + // email address (plus unique identifier) representing a user that has + // been recently deleted. For example, + // `alice@example.com?uid=123456789012345678901`. If the user is + // recovered, this value reverts to `user:{emailid}` and the recovered + // user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, @@ -743,7 +766,12 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. + // group retains the role in the binding. * + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/{pool_id}/subject/{subject_attribute_value}`: Deleted single + // identity in a workforce identity pool. For example, + // `deleted:principal://iam.googleapis.com/locations/global/workforcePool + // s/my-pool-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. @@ -2417,10 +2445,6 @@ type Location struct { // "projects/example-project/locations/us-east1" Name string `json:"name,omitempty"` - // ServerResponse contains the HTTP response code and headers from the - // server. - googleapi.ServerResponse `json:"-"` - // ForceSendFields is a list of field names (e.g. "DisplayName") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any @@ -3663,292 +3687,6 @@ func (s *UpdateTableMetadata) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// method id "bigtableadmin.operations.cancel": - -type OperationsCancelCall struct { - s *Service - name string - urlParams_ gensupport.URLParams - ctx_ context.Context - header_ http.Header -} - -// Cancel: Starts asynchronous cancellation on a long-running operation. -// The server makes a best effort to cancel the operation, but success -// is not guaranteed. If the server doesn't support this method, it -// returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use -// Operations.GetOperation or other methods to check whether the -// cancellation succeeded or whether the operation completed despite -// cancellation. On successful cancellation, the operation is not -// deleted; instead, it becomes an operation with an Operation.error -// value with a google.rpc.Status.code of 1, corresponding to -// `Code.CANCELLED`. -// -// - name: The name of the operation resource to be cancelled. -func (r *OperationsService) Cancel(name string) *OperationsCancelCall { - c := &OperationsCancelCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.name = name - return c -} - -// Fields allows partial responses to be retrieved. See -// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse -// for more information. -func (c *OperationsCancelCall) Fields(s ...googleapi.Field) *OperationsCancelCall { - c.urlParams_.Set("fields", googleapi.CombineFields(s)) - return c -} - -// Context sets the context to be used in this call's Do method. Any -// pending HTTP request will be aborted if the provided context is -// canceled. -func (c *OperationsCancelCall) Context(ctx context.Context) *OperationsCancelCall { - c.ctx_ = ctx - return c -} - -// Header returns an http.Header that can be modified by the caller to -// add HTTP headers to the request. -func (c *OperationsCancelCall) Header() http.Header { - if c.header_ == nil { - c.header_ = make(http.Header) - } - return c.header_ -} - -func (c *OperationsCancelCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := make(http.Header) - reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) - for k, v := range c.header_ { - reqHeaders[k] = v - } - reqHeaders.Set("User-Agent", c.s.userAgent()) - var body io.Reader = nil - c.urlParams_.Set("alt", alt) - c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v2/{+name}:cancel") - urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("POST", urls, body) - if err != nil { - return nil, err - } - req.Header = reqHeaders - googleapi.Expand(req.URL, map[string]string{ - "name": c.name, - }) - return gensupport.SendRequest(c.ctx_, c.s.client, req) -} - -// Do executes the "bigtableadmin.operations.cancel" call. -// Exactly one of *Empty or error will be non-nil. Any non-2xx status -// code is an error. Response headers are in either -// *Empty.ServerResponse.Header or (if a response was returned at all) -// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to -// check whether the returned error was because http.StatusNotModified -// was returned. -func (c *OperationsCancelCall) Do(opts ...googleapi.CallOption) (*Empty, error) { - gensupport.SetOptions(c.urlParams_, opts...) - res, err := c.doRequest("json") - if res != nil && res.StatusCode == http.StatusNotModified { - if res.Body != nil { - res.Body.Close() - } - return nil, gensupport.WrapError(&googleapi.Error{ - Code: res.StatusCode, - Header: res.Header, - }) - } - if err != nil { - return nil, err - } - defer googleapi.CloseBody(res) - if err := googleapi.CheckResponse(res); err != nil { - return nil, gensupport.WrapError(err) - } - ret := &Empty{ - ServerResponse: googleapi.ServerResponse{ - Header: res.Header, - HTTPStatusCode: res.StatusCode, - }, - } - target := &ret - if err := gensupport.DecodeResponse(target, res); err != nil { - return nil, err - } - return ret, nil - // { - // "description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", - // "flatPath": "v2/operations/{operationsId}:cancel", - // "httpMethod": "POST", - // "id": "bigtableadmin.operations.cancel", - // "parameterOrder": [ - // "name" - // ], - // "parameters": { - // "name": { - // "description": "The name of the operation resource to be cancelled.", - // "location": "path", - // "pattern": "^operations/.*$", - // "required": true, - // "type": "string" - // } - // }, - // "path": "v2/{+name}:cancel", - // "response": { - // "$ref": "Empty" - // }, - // "scopes": [ - // "https://www.googleapis.com/auth/bigtable.admin", - // "https://www.googleapis.com/auth/bigtable.admin.cluster", - // "https://www.googleapis.com/auth/bigtable.admin.instance", - // "https://www.googleapis.com/auth/cloud-bigtable.admin", - // "https://www.googleapis.com/auth/cloud-bigtable.admin.cluster", - // "https://www.googleapis.com/auth/cloud-platform" - // ] - // } - -} - -// method id "bigtableadmin.operations.delete": - -type OperationsDeleteCall struct { - s *Service - name string - urlParams_ gensupport.URLParams - ctx_ context.Context - header_ http.Header -} - -// Delete: Deletes a long-running operation. This method indicates that -// the client is no longer interested in the operation result. It does -// not cancel the operation. If the server doesn't support this method, -// it returns `google.rpc.Code.UNIMPLEMENTED`. -// -// - name: The name of the operation resource to be deleted. -func (r *OperationsService) Delete(name string) *OperationsDeleteCall { - c := &OperationsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.name = name - return c -} - -// Fields allows partial responses to be retrieved. See -// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse -// for more information. -func (c *OperationsDeleteCall) Fields(s ...googleapi.Field) *OperationsDeleteCall { - c.urlParams_.Set("fields", googleapi.CombineFields(s)) - return c -} - -// Context sets the context to be used in this call's Do method. Any -// pending HTTP request will be aborted if the provided context is -// canceled. -func (c *OperationsDeleteCall) Context(ctx context.Context) *OperationsDeleteCall { - c.ctx_ = ctx - return c -} - -// Header returns an http.Header that can be modified by the caller to -// add HTTP headers to the request. -func (c *OperationsDeleteCall) Header() http.Header { - if c.header_ == nil { - c.header_ = make(http.Header) - } - return c.header_ -} - -func (c *OperationsDeleteCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := make(http.Header) - reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) - for k, v := range c.header_ { - reqHeaders[k] = v - } - reqHeaders.Set("User-Agent", c.s.userAgent()) - var body io.Reader = nil - c.urlParams_.Set("alt", alt) - c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v2/{+name}") - urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("DELETE", urls, body) - if err != nil { - return nil, err - } - req.Header = reqHeaders - googleapi.Expand(req.URL, map[string]string{ - "name": c.name, - }) - return gensupport.SendRequest(c.ctx_, c.s.client, req) -} - -// Do executes the "bigtableadmin.operations.delete" call. -// Exactly one of *Empty or error will be non-nil. Any non-2xx status -// code is an error. Response headers are in either -// *Empty.ServerResponse.Header or (if a response was returned at all) -// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to -// check whether the returned error was because http.StatusNotModified -// was returned. -func (c *OperationsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { - gensupport.SetOptions(c.urlParams_, opts...) - res, err := c.doRequest("json") - if res != nil && res.StatusCode == http.StatusNotModified { - if res.Body != nil { - res.Body.Close() - } - return nil, gensupport.WrapError(&googleapi.Error{ - Code: res.StatusCode, - Header: res.Header, - }) - } - if err != nil { - return nil, err - } - defer googleapi.CloseBody(res) - if err := googleapi.CheckResponse(res); err != nil { - return nil, gensupport.WrapError(err) - } - ret := &Empty{ - ServerResponse: googleapi.ServerResponse{ - Header: res.Header, - HTTPStatusCode: res.StatusCode, - }, - } - target := &ret - if err := gensupport.DecodeResponse(target, res); err != nil { - return nil, err - } - return ret, nil - // { - // "description": "Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`.", - // "flatPath": "v2/operations/{operationsId}", - // "httpMethod": "DELETE", - // "id": "bigtableadmin.operations.delete", - // "parameterOrder": [ - // "name" - // ], - // "parameters": { - // "name": { - // "description": "The name of the operation resource to be deleted.", - // "location": "path", - // "pattern": "^operations/.*$", - // "required": true, - // "type": "string" - // } - // }, - // "path": "v2/{+name}", - // "response": { - // "$ref": "Empty" - // }, - // "scopes": [ - // "https://www.googleapis.com/auth/bigtable.admin", - // "https://www.googleapis.com/auth/bigtable.admin.cluster", - // "https://www.googleapis.com/auth/bigtable.admin.instance", - // "https://www.googleapis.com/auth/cloud-bigtable.admin", - // "https://www.googleapis.com/auth/cloud-bigtable.admin.cluster", - // "https://www.googleapis.com/auth/cloud-platform" - // ] - // } - -} - // method id "bigtableadmin.operations.get": type OperationsGetCall struct { @@ -11547,158 +11285,6 @@ func (c *ProjectsInstancesTablesUndeleteCall) Do(opts ...googleapi.CallOption) ( } -// method id "bigtableadmin.projects.locations.get": - -type ProjectsLocationsGetCall struct { - s *Service - name string - urlParams_ gensupport.URLParams - ifNoneMatch_ string - ctx_ context.Context - header_ http.Header -} - -// Get: Gets information about a location. -// -// - name: Resource name for the location. -func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall { - c := &ProjectsLocationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.name = name - return c -} - -// Fields allows partial responses to be retrieved. See -// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse -// for more information. -func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetCall { - c.urlParams_.Set("fields", googleapi.CombineFields(s)) - return c -} - -// IfNoneMatch sets the optional parameter which makes the operation -// fail if the object's ETag matches the given value. This is useful for -// getting updates only after the object has changed since the last -// request. Use googleapi.IsNotModified to check whether the response -// error from Do is the result of In-None-Match. -func (c *ProjectsLocationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetCall { - c.ifNoneMatch_ = entityTag - return c -} - -// Context sets the context to be used in this call's Do method. Any -// pending HTTP request will be aborted if the provided context is -// canceled. -func (c *ProjectsLocationsGetCall) Context(ctx context.Context) *ProjectsLocationsGetCall { - c.ctx_ = ctx - return c -} - -// Header returns an http.Header that can be modified by the caller to -// add HTTP headers to the request. -func (c *ProjectsLocationsGetCall) Header() http.Header { - if c.header_ == nil { - c.header_ = make(http.Header) - } - return c.header_ -} - -func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := make(http.Header) - reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) - for k, v := range c.header_ { - reqHeaders[k] = v - } - reqHeaders.Set("User-Agent", c.s.userAgent()) - if c.ifNoneMatch_ != "" { - reqHeaders.Set("If-None-Match", c.ifNoneMatch_) - } - var body io.Reader = nil - c.urlParams_.Set("alt", alt) - c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v2/{+name}") - urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("GET", urls, body) - if err != nil { - return nil, err - } - req.Header = reqHeaders - googleapi.Expand(req.URL, map[string]string{ - "name": c.name, - }) - return gensupport.SendRequest(c.ctx_, c.s.client, req) -} - -// Do executes the "bigtableadmin.projects.locations.get" call. -// Exactly one of *Location or error will be non-nil. Any non-2xx status -// code is an error. Response headers are in either -// *Location.ServerResponse.Header or (if a response was returned at -// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified -// to check whether the returned error was because -// http.StatusNotModified was returned. -func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, error) { - gensupport.SetOptions(c.urlParams_, opts...) - res, err := c.doRequest("json") - if res != nil && res.StatusCode == http.StatusNotModified { - if res.Body != nil { - res.Body.Close() - } - return nil, gensupport.WrapError(&googleapi.Error{ - Code: res.StatusCode, - Header: res.Header, - }) - } - if err != nil { - return nil, err - } - defer googleapi.CloseBody(res) - if err := googleapi.CheckResponse(res); err != nil { - return nil, gensupport.WrapError(err) - } - ret := &Location{ - ServerResponse: googleapi.ServerResponse{ - Header: res.Header, - HTTPStatusCode: res.StatusCode, - }, - } - target := &ret - if err := gensupport.DecodeResponse(target, res); err != nil { - return nil, err - } - return ret, nil - // { - // "description": "Gets information about a location.", - // "flatPath": "v2/projects/{projectsId}/locations/{locationsId}", - // "httpMethod": "GET", - // "id": "bigtableadmin.projects.locations.get", - // "parameterOrder": [ - // "name" - // ], - // "parameters": { - // "name": { - // "description": "Resource name for the location.", - // "location": "path", - // "pattern": "^projects/[^/]+/locations/[^/]+$", - // "required": true, - // "type": "string" - // } - // }, - // "path": "v2/{+name}", - // "response": { - // "$ref": "Location" - // }, - // "scopes": [ - // "https://www.googleapis.com/auth/bigtable.admin", - // "https://www.googleapis.com/auth/bigtable.admin.cluster", - // "https://www.googleapis.com/auth/bigtable.admin.instance", - // "https://www.googleapis.com/auth/cloud-bigtable.admin", - // "https://www.googleapis.com/auth/cloud-bigtable.admin.cluster", - // "https://www.googleapis.com/auth/cloud-platform", - // "https://www.googleapis.com/auth/cloud-platform.read-only" - // ] - // } - -} - // method id "bigtableadmin.projects.locations.list": type ProjectsLocationsListCall struct { diff --git a/chromepolicy/v1/chromepolicy-api.json b/chromepolicy/v1/chromepolicy-api.json index ac2786025ce..694e8b0abf6 100644 --- a/chromepolicy/v1/chromepolicy-api.json +++ b/chromepolicy/v1/chromepolicy-api.json @@ -557,7 +557,7 @@ } } }, - "revision": "20240101", + "revision": "20240111", "rootUrl": "https://chromepolicy.googleapis.com/", "schemas": { "GoogleChromePolicyVersionsV1AdditionalTargetKeyName": { @@ -762,6 +762,10 @@ "numericRangeConstraint": { "$ref": "GoogleChromePolicyVersionsV1NumericRangeConstraint", "description": "The allowed range for numeric fields." + }, + "uploadedFileConstraints": { + "$ref": "GoogleChromePolicyVersionsV1UploadedFileConstraints", + "description": "Constraints on the uploaded file of a file policy. If present, this policy requires a URL that can be fetched by uploading a file with the constraints specified in this proto." } }, "type": "object" @@ -1520,6 +1524,53 @@ }, "type": "object" }, + "GoogleChromePolicyVersionsV1UploadedFileConstraints": { + "description": "Constraints on the uploaded file of a file policy.", + "id": "GoogleChromePolicyVersionsV1UploadedFileConstraints", + "properties": { + "sizeLimitBytes": { + "description": "The size limit of uploaded files for a setting, in bytes.", + "format": "int64", + "type": "string" + }, + "supportedContentTypes": { + "description": "File types that can be uploaded for a setting.", + "items": { + "enum": [ + "CONTENT_TYPE_UNSPECIFIED", + "CONTENT_TYPE_PLAIN_TEXT", + "CONTENT_TYPE_HTML", + "CONTENT_TYPE_IMAGE_JPEG", + "CONTENT_TYPE_IMAGE_GIF", + "CONTENT_TYPE_IMAGE_PNG", + "CONTENT_TYPE_JSON", + "CONTENT_TYPE_ZIP", + "CONTENT_TYPE_GZIP", + "CONTENT_TYPE_CSV", + "CONTENT_TYPE_YAML", + "CONTENT_TYPE_IMAGE_WEBP" + ], + "enumDescriptions": [ + "Unspecified content type.", + "Plain text.", + "HTML.", + "JPEG.", + "GIF.", + "PNG.", + "JSON.", + "ZIP.", + "GZIP.", + "CSV.", + "YAML.", + "WEBP." + ], + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "GoogleProtobufEmpty": { "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", "id": "GoogleProtobufEmpty", diff --git a/chromepolicy/v1/chromepolicy-gen.go b/chromepolicy/v1/chromepolicy-gen.go index 9397ead5eef..8d4a8ebc935 100644 --- a/chromepolicy/v1/chromepolicy-gen.go +++ b/chromepolicy/v1/chromepolicy-gen.go @@ -665,6 +665,11 @@ type GoogleChromePolicyVersionsV1FieldConstraints struct { // NumericRangeConstraint: The allowed range for numeric fields. NumericRangeConstraint *GoogleChromePolicyVersionsV1NumericRangeConstraint `json:"numericRangeConstraint,omitempty"` + // UploadedFileConstraints: Constraints on the uploaded file of a file + // policy. If present, this policy requires a URL that can be fetched by + // uploading a file with the constraints specified in this proto. + UploadedFileConstraints *GoogleChromePolicyVersionsV1UploadedFileConstraints `json:"uploadedFileConstraints,omitempty"` + // ForceSendFields is a list of field names (e.g. // "NumericRangeConstraint") to unconditionally include in API requests. // By default, fields with empty or default values are omitted from API @@ -1927,6 +1932,54 @@ func (s *GoogleChromePolicyVersionsV1UploadPolicyFileResponse) MarshalJSON() ([] return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// GoogleChromePolicyVersionsV1UploadedFileConstraints: Constraints on +// the uploaded file of a file policy. +type GoogleChromePolicyVersionsV1UploadedFileConstraints struct { + // SizeLimitBytes: The size limit of uploaded files for a setting, in + // bytes. + SizeLimitBytes int64 `json:"sizeLimitBytes,omitempty,string"` + + // SupportedContentTypes: File types that can be uploaded for a setting. + // + // Possible values: + // "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. + // "CONTENT_TYPE_PLAIN_TEXT" - Plain text. + // "CONTENT_TYPE_HTML" - HTML. + // "CONTENT_TYPE_IMAGE_JPEG" - JPEG. + // "CONTENT_TYPE_IMAGE_GIF" - GIF. + // "CONTENT_TYPE_IMAGE_PNG" - PNG. + // "CONTENT_TYPE_JSON" - JSON. + // "CONTENT_TYPE_ZIP" - ZIP. + // "CONTENT_TYPE_GZIP" - GZIP. + // "CONTENT_TYPE_CSV" - CSV. + // "CONTENT_TYPE_YAML" - YAML. + // "CONTENT_TYPE_IMAGE_WEBP" - WEBP. + SupportedContentTypes []string `json:"supportedContentTypes,omitempty"` + + // ForceSendFields is a list of field names (e.g. "SizeLimitBytes") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "SizeLimitBytes") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *GoogleChromePolicyVersionsV1UploadedFileConstraints) MarshalJSON() ([]byte, error) { + type NoMethod GoogleChromePolicyVersionsV1UploadedFileConstraints + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // GoogleProtobufEmpty: A generic empty message that you can re-use to // avoid defining duplicated empty messages in your APIs. A typical // example is to use it as the request or the response type of an API diff --git a/dlp/v2/dlp-api.json b/dlp/v2/dlp-api.json index 8b08489f777..eee6f0e0cff 100644 --- a/dlp/v2/dlp-api.json +++ b/dlp/v2/dlp-api.json @@ -3714,7 +3714,7 @@ } } }, - "revision": "20231210", + "revision": "20240107", "rootUrl": "https://dlp.googleapis.com/", "schemas": { "GooglePrivacyDlpV2Action": { @@ -5171,6 +5171,18 @@ }, "type": "object" }, + "GooglePrivacyDlpV2DataSourceType": { + "description": "Message used to identify the type of resource being profiled.", + "id": "GooglePrivacyDlpV2DataSourceType", + "properties": { + "dataSource": { + "description": "Output only. An identifying string to the type of resource being profiled. Current values: google/bigquery/table, google/project", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, "GooglePrivacyDlpV2DatastoreKey": { "description": "Record key for a finding in Cloud Datastore.", "id": "GooglePrivacyDlpV2DatastoreKey", @@ -8847,6 +8859,10 @@ "$ref": "GooglePrivacyDlpV2DataRiskLevel", "description": "The data risk level of this table." }, + "dataSourceType": { + "$ref": "GooglePrivacyDlpV2DataSourceType", + "description": "The resource type that was profiled." + }, "datasetId": { "description": "The BigQuery dataset ID.", "type": "string" diff --git a/dlp/v2/dlp-gen.go b/dlp/v2/dlp-gen.go index 283132d4979..23f8ce6a763 100644 --- a/dlp/v2/dlp-gen.go +++ b/dlp/v2/dlp-gen.go @@ -3061,6 +3061,37 @@ func (s *GooglePrivacyDlpV2DataRiskLevel) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// GooglePrivacyDlpV2DataSourceType: Message used to identify the type +// of resource being profiled. +type GooglePrivacyDlpV2DataSourceType struct { + // DataSource: Output only. An identifying string to the type of + // resource being profiled. Current values: google/bigquery/table, + // google/project + DataSource string `json:"dataSource,omitempty"` + + // ForceSendFields is a list of field names (e.g. "DataSource") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "DataSource") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *GooglePrivacyDlpV2DataSourceType) MarshalJSON() ([]byte, error) { + type NoMethod GooglePrivacyDlpV2DataSourceType + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // GooglePrivacyDlpV2DatastoreKey: Record key for a finding in Cloud // Datastore. type GooglePrivacyDlpV2DatastoreKey struct { @@ -9590,6 +9621,9 @@ type GooglePrivacyDlpV2TableDataProfile struct { // DataRiskLevel: The data risk level of this table. DataRiskLevel *GooglePrivacyDlpV2DataRiskLevel `json:"dataRiskLevel,omitempty"` + // DataSourceType: The resource type that was profiled. + DataSourceType *GooglePrivacyDlpV2DataSourceType `json:"dataSourceType,omitempty"` + // DatasetId: The BigQuery dataset ID. DatasetId string `json:"datasetId,omitempty"` diff --git a/drive/v2/drive-api.json b/drive/v2/drive-api.json index 8b7275ea610..7277a83781a 100644 --- a/drive/v2/drive-api.json +++ b/drive/v2/drive-api.json @@ -3842,7 +3842,7 @@ } } }, - "revision": "20231120", + "revision": "20240110", "rootUrl": "https://www.googleapis.com/", "schemas": { "About": { @@ -4439,7 +4439,7 @@ "type": "string" }, "type": { - "description": "The type of delivery mechanism used for this channel.", + "description": "The type of delivery mechanism used for this channel. Valid values are \"web_hook\" or \"webhook\".", "type": "string" } }, diff --git a/drive/v2/drive-gen.go b/drive/v2/drive-gen.go index b1d1a846ce5..ab028fffc4e 100644 --- a/drive/v2/drive-gen.go +++ b/drive/v2/drive-gen.go @@ -1151,7 +1151,8 @@ type Channel struct { // notification delivered over this channel. Optional. Token string `json:"token,omitempty"` - // Type: The type of delivery mechanism used for this channel. + // Type: The type of delivery mechanism used for this channel. Valid + // values are "web_hook" or "webhook". Type string `json:"type,omitempty"` // ServerResponse contains the HTTP response code and headers from the diff --git a/drive/v3/drive-api.json b/drive/v3/drive-api.json index 74ef9eceb1a..405ead39b48 100644 --- a/drive/v3/drive-api.json +++ b/drive/v3/drive-api.json @@ -2433,7 +2433,7 @@ } } }, - "revision": "20231128", + "revision": "20240110", "rootUrl": "https://www.googleapis.com/", "schemas": { "About": { @@ -2706,7 +2706,7 @@ "type": "string" }, "type": { - "description": "The type of delivery mechanism used for this channel.", + "description": "The type of delivery mechanism used for this channel. Valid values are \"web_hook\" or \"webhook\".", "type": "string" } }, diff --git a/drive/v3/drive-gen.go b/drive/v3/drive-gen.go index a6700d5548f..ebf4fa96a16 100644 --- a/drive/v3/drive-gen.go +++ b/drive/v3/drive-gen.go @@ -636,7 +636,8 @@ type Channel struct { // notification delivered over this channel. Optional. Token string `json:"token,omitempty"` - // Type: The type of delivery mechanism used for this channel. + // Type: The type of delivery mechanism used for this channel. Valid + // values are "web_hook" or "webhook". Type string `json:"type,omitempty"` // ServerResponse contains the HTTP response code and headers from the diff --git a/logging/v2/logging-api.json b/logging/v2/logging-api.json index 5225816d793..a80d5db43d1 100644 --- a/logging/v2/logging-api.json +++ b/logging/v2/logging-api.json @@ -7668,7 +7668,7 @@ } } }, - "revision": "20231210", + "revision": "20240108", "rootUrl": "https://logging.googleapis.com/", "schemas": { "BigQueryDataset": { @@ -7718,7 +7718,7 @@ "type": "string" }, "state": { - "description": "State of an operation.", + "description": "Output only. State of an operation.", "enum": [ "OPERATION_STATE_UNSPECIFIED", "OPERATION_STATE_SCHEDULED", @@ -7726,7 +7726,8 @@ "OPERATION_STATE_RUNNING", "OPERATION_STATE_SUCCEEDED", "OPERATION_STATE_FAILED", - "OPERATION_STATE_CANCELLED" + "OPERATION_STATE_CANCELLED", + "OPERATION_STATE_PENDING" ], "enumDescriptions": [ "Should not be used.", @@ -7735,8 +7736,10 @@ "The operation is running.", "The operation was completed successfully.", "The operation failed.", - "The operation was cancelled by the user." + "The operation was cancelled by the user.", + "The operation is waiting for quota." ], + "readOnly": true, "type": "string" }, "updateBucketRequest": { @@ -7776,11 +7779,12 @@ "id": "CmekSettings", "properties": { "kmsKeyName": { - "description": "The resource name for the configured Cloud KMS key.KMS key name format: \"projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]\" For example:\"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key\"To enable CMEK for the Log Router, set this field to a valid kms_key_name for which the associated service account has the needed cloudkms.cryptoKeyEncrypterDecrypter roles assigned for the key.The Cloud KMS key used by the Log Router can be updated by changing the kms_key_name to a new valid key name or disabled by setting the key name to an empty string. Encryption operations that are in progress will be completed with the key that was in use when they started. Decryption operations will be completed using the key that was used at the time of encryption unless access to that key has been revoked.To disable CMEK for the Log Router, set this field to an empty string.See Enabling CMEK for Log Router (https://cloud.google.com/logging/docs/routing/managed-encryption) for more information.", + "description": "Optional. The resource name for the configured Cloud KMS key.KMS key name format: \"projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]\" For example:\"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key\"To enable CMEK for the Log Router, set this field to a valid kms_key_name for which the associated service account has the needed cloudkms.cryptoKeyEncrypterDecrypter roles assigned for the key.The Cloud KMS key used by the Log Router can be updated by changing the kms_key_name to a new valid key name or disabled by setting the key name to an empty string. Encryption operations that are in progress will be completed with the key that was in use when they started. Decryption operations will be completed using the key that was used at the time of encryption unless access to that key has been revoked.To disable CMEK for the Log Router, set this field to an empty string.See Enabling CMEK for Log Router (https://cloud.google.com/logging/docs/routing/managed-encryption) for more information.", "type": "string" }, "kmsKeyVersionName": { - "description": "The CryptoKeyVersion resource name for the configured Cloud KMS key.KMS key name format: \"projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]/cryptoKeyVersions/[VERSION]\" For example:\"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key/cryptoKeyVersions/1\"This is a read-only field used to convey the specific configured CryptoKeyVersion of kms_key that has been configured. It will be populated in cases where the CMEK settings are bound to a single key version.If this field is populated, the kms_key is tied to a specific CryptoKeyVersion.", + "description": "Output only. The CryptoKeyVersion resource name for the configured Cloud KMS key.KMS key name format: \"projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]/cryptoKeyVersions/[VERSION]\" For example:\"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key/cryptoKeyVersions/1\"This is a read-only field used to convey the specific configured CryptoKeyVersion of kms_key that has been configured. It will be populated in cases where the CMEK settings are bound to a single key version.If this field is populated, the kms_key is tied to a specific CryptoKeyVersion.", + "readOnly": true, "type": "string" }, "name": { @@ -7824,7 +7828,7 @@ "type": "string" }, "state": { - "description": "State of an operation.", + "description": "Output only. State of an operation.", "enum": [ "OPERATION_STATE_UNSPECIFIED", "OPERATION_STATE_SCHEDULED", @@ -7832,7 +7836,8 @@ "OPERATION_STATE_RUNNING", "OPERATION_STATE_SUCCEEDED", "OPERATION_STATE_FAILED", - "OPERATION_STATE_CANCELLED" + "OPERATION_STATE_CANCELLED", + "OPERATION_STATE_PENDING" ], "enumDescriptions": [ "Should not be used.", @@ -7841,8 +7846,10 @@ "The operation is running.", "The operation was completed successfully.", "The operation failed.", - "The operation was cancelled by the user." + "The operation was cancelled by the user.", + "The operation is waiting for quota." ], + "readOnly": true, "type": "string" }, "writerIdentity": { @@ -8167,7 +8174,7 @@ "properties": { "bigqueryDataset": { "$ref": "BigQueryDataset", - "description": "The information of a BigQuery Dataset. When a link is created, a BigQuery dataset is created along with it, in the same project as the LogBucket it's linked to. This dataset will also have BigQuery Views corresponding to the LogViews in the bucket." + "description": "Optional. The information of a BigQuery Dataset. When a link is created, a BigQuery dataset is created along with it, in the same project as the LogBucket it's linked to. This dataset will also have BigQuery Views corresponding to the LogViews in the bucket." }, "createTime": { "description": "Output only. The creation timestamp of the link.", @@ -8176,7 +8183,7 @@ "type": "string" }, "description": { - "description": "Describes this link.The maximum length of the description is 8000 characters.", + "description": "Optional. Describes this link.The maximum length of the description is 8000 characters.", "type": "string" }, "lifecycleState": { @@ -8201,7 +8208,8 @@ "type": "string" }, "name": { - "description": "The resource name of the link. The name can have up to 100 characters. A valid link id (at the end of the link name) must only have alphanumeric characters and underscores within it. \"projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]\" \"organizations/[ORGANIZATION_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]\" \"billingAccounts/[BILLING_ACCOUNT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]\" \"folders/[FOLDER_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]\" For example:`projects/my-project/locations/global/buckets/my-bucket/links/my_link", + "description": "Output only. The resource name of the link. The name can have up to 100 characters. A valid link id (at the end of the link name) must only have alphanumeric characters and underscores within it. \"projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]\" \"organizations/[ORGANIZATION_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]\" \"billingAccounts/[BILLING_ACCOUNT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]\" \"folders/[FOLDER_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]\" For example:`projects/my-project/locations/global/buckets/my-bucket/links/my_link", + "readOnly": true, "type": "string" } }, @@ -8230,7 +8238,7 @@ "type": "string" }, "state": { - "description": "State of an operation.", + "description": "Output only. State of an operation.", "enum": [ "OPERATION_STATE_UNSPECIFIED", "OPERATION_STATE_SCHEDULED", @@ -8238,7 +8246,8 @@ "OPERATION_STATE_RUNNING", "OPERATION_STATE_SUCCEEDED", "OPERATION_STATE_FAILED", - "OPERATION_STATE_CANCELLED" + "OPERATION_STATE_CANCELLED", + "OPERATION_STATE_PENDING" ], "enumDescriptions": [ "Should not be used.", @@ -8247,8 +8256,10 @@ "The operation is running.", "The operation was completed successfully.", "The operation failed.", - "The operation was cancelled by the user." + "The operation was cancelled by the user.", + "The operation is waiting for quota." ], + "readOnly": true, "type": "string" } }, @@ -8591,12 +8602,12 @@ "id": "LogBucket", "properties": { "analyticsEnabled": { - "description": "Whether log analytics is enabled for this bucket.Once enabled, log analytics features cannot be disabled.", + "description": "Optional. Whether log analytics is enabled for this bucket.Once enabled, log analytics features cannot be disabled.", "type": "boolean" }, "cmekSettings": { "$ref": "CmekSettings", - "description": "The CMEK settings of the log bucket. If present, new log entries written to this log bucket are encrypted using the CMEK key provided in this configuration. If a log bucket has CMEK settings, the CMEK settings cannot be disabled later by updating the log bucket. Changing the KMS key is allowed." + "description": "Optional. The CMEK settings of the log bucket. If present, new log entries written to this log bucket are encrypted using the CMEK key provided in this configuration. If a log bucket has CMEK settings, the CMEK settings cannot be disabled later by updating the log bucket. Changing the KMS key is allowed." }, "createTime": { "description": "Output only. The creation timestamp of the bucket. This is not set for any of the default buckets.", @@ -8605,11 +8616,11 @@ "type": "string" }, "description": { - "description": "Describes this bucket.", + "description": "Optional. Describes this bucket.", "type": "string" }, "indexConfigs": { - "description": "A list of indexed fields and related configuration data.", + "description": "Optional. A list of indexed fields and related configuration data.", "items": { "$ref": "IndexConfig" }, @@ -8637,7 +8648,7 @@ "type": "string" }, "locked": { - "description": "Whether the bucket is locked.The retention period on a locked bucket cannot be changed. Locked buckets may only be deleted if they are empty.", + "description": "Optional. Whether the bucket is locked.The retention period on a locked bucket cannot be changed. Locked buckets may only be deleted if they are empty.", "type": "boolean" }, "name": { @@ -8646,14 +8657,14 @@ "type": "string" }, "restrictedFields": { - "description": "Log entry field paths that are denied access in this bucket.The following fields and their children are eligible: textPayload, jsonPayload, protoPayload, httpRequest, labels, sourceLocation.Restricting a repeated field will restrict all values. Adding a parent will block all child fields. (e.g. foo.bar will block foo.bar.baz)", + "description": "Optional. Log entry field paths that are denied access in this bucket.The following fields and their children are eligible: textPayload, jsonPayload, protoPayload, httpRequest, labels, sourceLocation.Restricting a repeated field will restrict all values. Adding a parent will block all child fields. (e.g. foo.bar will block foo.bar.baz)", "items": { "type": "string" }, "type": "array" }, "retentionDays": { - "description": "Logs will be retained by default for this amount of time, after which they will automatically be deleted. The minimum retention period is 1 day. If this value is set to zero at bucket creation time, the default time of 30 days will be used.", + "description": "Optional. Logs will be retained by default for this amount of time, after which they will automatically be deleted. The minimum retention period is 1 day. If this value is set to zero at bucket creation time, the default time of 30 days will be used.", "format": "int32", "type": "integer" }, @@ -8868,7 +8879,8 @@ "type": "string" }, "name": { - "description": "Required. A client-assigned identifier, such as \"load-balancer-exclusion\". Identifiers are limited to 100 characters and can include only letters, digits, underscores, hyphens, and periods. First character has to be alphanumeric.", + "description": "Output only. A client-assigned identifier, such as \"load-balancer-exclusion\". Identifiers are limited to 100 characters and can include only letters, digits, underscores, hyphens, and periods. First character has to be alphanumeric.", + "readOnly": true, "type": "string" }, "updateTime": { @@ -9039,7 +9051,8 @@ "type": "boolean" }, "name": { - "description": "Required. The client-assigned sink identifier, unique within the project.For example: \"my-syslog-errors-to-pubsub\".Sink identifiers are limited to 100 characters and can include only the following characters: upper and lower-case alphanumeric characters, underscores, hyphens, periods.First character has to be alphanumeric.", + "description": "Output only. The client-assigned sink identifier, unique within the project.For example: \"my-syslog-errors-to-pubsub\".Sink identifiers are limited to 100 characters and can include only the following characters: upper and lower-case alphanumeric characters, underscores, hyphens, periods.First character has to be alphanumeric.", + "readOnly": true, "type": "string" }, "outputVersionFormat": { @@ -9103,15 +9116,16 @@ "type": "string" }, "description": { - "description": "Describes this view.", + "description": "Optional. Describes this view.", "type": "string" }, "filter": { - "description": "Filter that restricts which log entries in a bucket are visible in this view.Filters must be logical conjunctions that use the AND operator, and they can use any of the following qualifiers: SOURCE(), which specifies a project, folder, organization, or billing account of origin. resource.type, which specifies the resource type. LOG_ID(), which identifies the log.They can also use the negations of these qualifiers with the NOT operator.For example:SOURCE(\"projects/myproject\") AND resource.type = \"gce_instance\" AND NOT LOG_ID(\"stdout\")", + "description": "Optional. Filter that restricts which log entries in a bucket are visible in this view.Filters must be logical conjunctions that use the AND operator, and they can use any of the following qualifiers: SOURCE(), which specifies a project, folder, organization, or billing account of origin. resource.type, which specifies the resource type. LOG_ID(), which identifies the log.They can also use the negations of these qualifiers with the NOT operator.For example:SOURCE(\"projects/myproject\") AND resource.type = \"gce_instance\" AND NOT LOG_ID(\"stdout\")", "type": "string" }, "name": { - "description": "The resource name of the view.For example:projects/my-project/locations/global/buckets/my-bucket/views/my-view", + "description": "Output only. The resource name of the view.For example:projects/my-project/locations/global/buckets/my-bucket/views/my-view", + "readOnly": true, "type": "string" }, "updateTime": { @@ -9128,7 +9142,7 @@ "id": "LoggingQuery", "properties": { "filter": { - "description": "An advanced query using the Logging Query Language (https://cloud.google.com/logging/docs/view/logging-query-language). The maximum length of the filter is 20000 characters.", + "description": "Required. An advanced query using the Logging Query Language (https://cloud.google.com/logging/docs/view/logging-query-language). The maximum length of the filter is 20000 characters.", "type": "string" }, "summaryFieldEnd": { @@ -9142,7 +9156,7 @@ "type": "integer" }, "summaryFields": { - "description": "The set of summary fields to display for this saved query.", + "description": "Optional. The set of summary fields to display for this saved query.", "items": { "$ref": "SummaryField" }, @@ -9366,7 +9380,7 @@ "type": "string" }, "type": { - "description": "Required. The monitored resource type. For example, the type \"cloudsql_database\" represents databases in Google Cloud SQL. For a list of types, see Monitoring resource types (https://cloud.google.com/monitoring/api/resources) and Logging resource types (https://cloud.google.com/logging/docs/api/v2/resource-list).", + "description": "Required. The monitored resource type. For example, the type \"cloudsql_database\" represents databases in Google Cloud SQL. For a list of types, see Monitored resource types (https://cloud.google.com/monitoring/api/resources) and Logging resource types (https://cloud.google.com/logging/docs/api/v2/resource-list).", "type": "string" } }, @@ -9445,8 +9459,9 @@ "id": "RecentQuery", "properties": { "lastRunTime": { - "description": "The timestamp when this query was last run.", + "description": "Output only. The timestamp when this query was last run.", "format": "google-datetime", + "readOnly": true, "type": "string" }, "loggingQuery": { @@ -9634,11 +9649,11 @@ "type": "string" }, "description": { - "description": "A human readable description of the saved query.", + "description": "Optional. A human readable description of the saved query.", "type": "string" }, "displayName": { - "description": "The user specified title for the SavedQuery.", + "description": "Optional. The user specified title for the SavedQuery.", "type": "string" }, "loggingQuery": { @@ -9768,7 +9783,7 @@ "id": "SummaryField", "properties": { "field": { - "description": "The field from the LogEntry to include in the summary line, for example resource.type or jsonPayload.name.", + "description": "Optional. The field from the LogEntry to include in the summary line, for example resource.type or jsonPayload.name.", "type": "string" } }, diff --git a/logging/v2/logging-gen.go b/logging/v2/logging-gen.go index e7060173609..73f5dadd78e 100644 --- a/logging/v2/logging-gen.go +++ b/logging/v2/logging-gen.go @@ -988,7 +988,7 @@ type BucketMetadata struct { // StartTime: The create time of an operation. StartTime string `json:"startTime,omitempty"` - // State: State of an operation. + // State: Output only. State of an operation. // // Possible values: // "OPERATION_STATE_UNSPECIFIED" - Should not be used. @@ -1001,6 +1001,7 @@ type BucketMetadata struct { // "OPERATION_STATE_FAILED" - The operation failed. // "OPERATION_STATE_CANCELLED" - The operation was cancelled by the // user. + // "OPERATION_STATE_PENDING" - The operation is waiting for quota. State string `json:"state,omitempty"` // UpdateBucketRequest: LongRunningUpdateBucket RPC request. @@ -1093,8 +1094,8 @@ type CancelOperationRequest struct { // (https://cloud.google.com/logging/docs/routing/managed-encryption) // for more information. type CmekSettings struct { - // KmsKeyName: The resource name for the configured Cloud KMS key.KMS - // key name format: + // KmsKeyName: Optional. The resource name for the configured Cloud KMS + // key.KMS key name format: // "projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoK // eys/[KEY]" For // example:"projects/my-project/locations/us-central1/keyRings/my-ring/cr @@ -1113,8 +1114,8 @@ type CmekSettings struct { // for more information. KmsKeyName string `json:"kmsKeyName,omitempty"` - // KmsKeyVersionName: The CryptoKeyVersion resource name for the - // configured Cloud KMS key.KMS key name format: + // KmsKeyVersionName: Output only. The CryptoKeyVersion resource name + // for the configured Cloud KMS key.KMS key name format: // "projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoK // eys/[KEY]/cryptoKeyVersions/[VERSION]" For // example:"projects/my-project/locations/us-central1/keyRings/my-ring/cr @@ -1185,7 +1186,7 @@ type CopyLogEntriesMetadata struct { // StartTime: The create time of an operation. StartTime string `json:"startTime,omitempty"` - // State: State of an operation. + // State: Output only. State of an operation. // // Possible values: // "OPERATION_STATE_UNSPECIFIED" - Should not be used. @@ -1198,6 +1199,7 @@ type CopyLogEntriesMetadata struct { // "OPERATION_STATE_FAILED" - The operation failed. // "OPERATION_STATE_CANCELLED" - The operation was cancelled by the // user. + // "OPERATION_STATE_PENDING" - The operation is waiting for quota. State string `json:"state,omitempty"` // WriterIdentity: The IAM identity of a service account that must be @@ -1827,16 +1829,17 @@ func (s *Linear) UnmarshalJSON(data []byte) error { // Link: Describes a link connected to an analytics enabled bucket. type Link struct { - // BigqueryDataset: The information of a BigQuery Dataset. When a link - // is created, a BigQuery dataset is created along with it, in the same - // project as the LogBucket it's linked to. This dataset will also have - // BigQuery Views corresponding to the LogViews in the bucket. + // BigqueryDataset: Optional. The information of a BigQuery Dataset. + // When a link is created, a BigQuery dataset is created along with it, + // in the same project as the LogBucket it's linked to. This dataset + // will also have BigQuery Views corresponding to the LogViews in the + // bucket. BigqueryDataset *BigQueryDataset `json:"bigqueryDataset,omitempty"` // CreateTime: Output only. The creation timestamp of the link. CreateTime string `json:"createTime,omitempty"` - // Description: Describes this link.The maximum length of the + // Description: Optional. Describes this link.The maximum length of the // description is 8000 characters. Description string `json:"description,omitempty"` @@ -1856,9 +1859,9 @@ type Link struct { // "FAILED" - The resource is in an INTERNAL error state. LifecycleState string `json:"lifecycleState,omitempty"` - // Name: The resource name of the link. The name can have up to 100 - // characters. A valid link id (at the end of the link name) must only - // have alphanumeric characters and underscores within it. + // Name: Output only. The resource name of the link. The name can have + // up to 100 characters. A valid link id (at the end of the link name) + // must only have alphanumeric characters and underscores within it. // "projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/lin // ks/[LINK_ID]" // "organizations/[ORGANIZATION_ID]/locations/[LOCATION_ID]/buckets/[BUCK @@ -1913,7 +1916,7 @@ type LinkMetadata struct { // StartTime: The start time of an operation. StartTime string `json:"startTime,omitempty"` - // State: State of an operation. + // State: Output only. State of an operation. // // Possible values: // "OPERATION_STATE_UNSPECIFIED" - Should not be used. @@ -1926,6 +1929,7 @@ type LinkMetadata struct { // "OPERATION_STATE_FAILED" - The operation failed. // "OPERATION_STATE_CANCELLED" - The operation was cancelled by the // user. + // "OPERATION_STATE_PENDING" - The operation is waiting for quota. State string `json:"state,omitempty"` // ForceSendFields is a list of field names (e.g. "CreateLinkRequest") @@ -2640,26 +2644,26 @@ func (s *LocationMetadata) MarshalJSON() ([]byte, error) { // LogBucket: Describes a repository in which log entries are stored. type LogBucket struct { - // AnalyticsEnabled: Whether log analytics is enabled for this + // AnalyticsEnabled: Optional. Whether log analytics is enabled for this // bucket.Once enabled, log analytics features cannot be disabled. AnalyticsEnabled bool `json:"analyticsEnabled,omitempty"` - // CmekSettings: The CMEK settings of the log bucket. If present, new - // log entries written to this log bucket are encrypted using the CMEK - // key provided in this configuration. If a log bucket has CMEK - // settings, the CMEK settings cannot be disabled later by updating the - // log bucket. Changing the KMS key is allowed. + // CmekSettings: Optional. The CMEK settings of the log bucket. If + // present, new log entries written to this log bucket are encrypted + // using the CMEK key provided in this configuration. If a log bucket + // has CMEK settings, the CMEK settings cannot be disabled later by + // updating the log bucket. Changing the KMS key is allowed. CmekSettings *CmekSettings `json:"cmekSettings,omitempty"` // CreateTime: Output only. The creation timestamp of the bucket. This // is not set for any of the default buckets. CreateTime string `json:"createTime,omitempty"` - // Description: Describes this bucket. + // Description: Optional. Describes this bucket. Description string `json:"description,omitempty"` - // IndexConfigs: A list of indexed fields and related configuration - // data. + // IndexConfigs: Optional. A list of indexed fields and related + // configuration data. IndexConfigs []*IndexConfig `json:"indexConfigs,omitempty"` // LifecycleState: Output only. The bucket lifecycle state. @@ -2678,9 +2682,9 @@ type LogBucket struct { // "FAILED" - The resource is in an INTERNAL error state. LifecycleState string `json:"lifecycleState,omitempty"` - // Locked: Whether the bucket is locked.The retention period on a locked - // bucket cannot be changed. Locked buckets may only be deleted if they - // are empty. + // Locked: Optional. Whether the bucket is locked.The retention period + // on a locked bucket cannot be changed. Locked buckets may only be + // deleted if they are empty. Locked bool `json:"locked,omitempty"` // Name: Output only. The resource name of the bucket.For @@ -2692,18 +2696,18 @@ type LogBucket struct { // changed. Name string `json:"name,omitempty"` - // RestrictedFields: Log entry field paths that are denied access in - // this bucket.The following fields and their children are eligible: - // textPayload, jsonPayload, protoPayload, httpRequest, labels, - // sourceLocation.Restricting a repeated field will restrict all values. - // Adding a parent will block all child fields. (e.g. foo.bar will block - // foo.bar.baz) + // RestrictedFields: Optional. Log entry field paths that are denied + // access in this bucket.The following fields and their children are + // eligible: textPayload, jsonPayload, protoPayload, httpRequest, + // labels, sourceLocation.Restricting a repeated field will restrict all + // values. Adding a parent will block all child fields. (e.g. foo.bar + // will block foo.bar.baz) RestrictedFields []string `json:"restrictedFields,omitempty"` - // RetentionDays: Logs will be retained by default for this amount of - // time, after which they will automatically be deleted. The minimum - // retention period is 1 day. If this value is set to zero at bucket - // creation time, the default time of 30 days will be used. + // RetentionDays: Optional. Logs will be retained by default for this + // amount of time, after which they will automatically be deleted. The + // minimum retention period is 1 day. If this value is set to zero at + // bucket creation time, the default time of 30 days will be used. RetentionDays int64 `json:"retentionDays,omitempty"` // UpdateTime: Output only. The last update timestamp of the bucket. @@ -3083,7 +3087,7 @@ type LogExclusion struct { // severity