diff --git a/generated/google/apis/clouderrorreporting_v1beta1.rb b/generated/google/apis/clouderrorreporting_v1beta1.rb
index 9830744a0..6753b9ca4 100644
--- a/generated/google/apis/clouderrorreporting_v1beta1.rb
+++ b/generated/google/apis/clouderrorreporting_v1beta1.rb
@@ -26,7 +26,7 @@ module Google
# @see https://cloud.google.com/error-reporting/
module ClouderrorreportingV1beta1
VERSION = 'V1beta1'
- REVISION = '20190411'
+ REVISION = '20190925'
# View and manage your data across Google Cloud Platform services
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
diff --git a/generated/google/apis/clouderrorreporting_v1beta1/classes.rb b/generated/google/apis/clouderrorreporting_v1beta1/classes.rb
index b7189afe4..49671f694 100644
--- a/generated/google/apis/clouderrorreporting_v1beta1/classes.rb
+++ b/generated/google/apis/clouderrorreporting_v1beta1/classes.rb
@@ -406,14 +406,14 @@ module Google
# @return [Google::Apis::ClouderrorreportingV1beta1::ErrorContext]
attr_accessor :context
- # [Optional] Time when the event occurred.
+ # Optional. Time when the event occurred.
# If not provided, the time when the event was received by the
# Error Reporting system will be used.
# Corresponds to the JSON property `eventTime`
# @return [String]
attr_accessor :event_time
- # [Required] The error message.
+ # Required. The error message.
# If no `context.reportLocation` is provided, the message must contain a
# header (typically consisting of the exception type name and an error
# message) and an exception stack trace in one of the supported programming
diff --git a/generated/google/apis/clouderrorreporting_v1beta1/service.rb b/generated/google/apis/clouderrorreporting_v1beta1/service.rb
index 4b3b111e3..0eeeab9db 100644
--- a/generated/google/apis/clouderrorreporting_v1beta1/service.rb
+++ b/generated/google/apis/clouderrorreporting_v1beta1/service.rb
@@ -50,7 +50,7 @@ module Google
# Deletes all error events of a given project.
# @param [String] project_name
- # [Required] The resource name of the Google Cloud Platform project. Written
+ # Required. The resource name of the Google Cloud Platform project. Written
# as `projects/` plus the
# [Google Cloud Platform project
# ID](https://support.google.com/cloud/answer/6158840).
@@ -84,27 +84,27 @@ module Google
# Lists the specified events.
# @param [String] project_name
- # [Required] The resource name of the Google Cloud Platform project. Written
+ # Required. The resource name of the Google Cloud Platform project. Written
# as `projects/` plus the
# [Google Cloud Platform project
# ID](https://support.google.com/cloud/answer/6158840).
# Example: `projects/my-project-123`.
# @param [String] group_id
- # [Required] The group for which events shall be returned.
+ # Required. The group for which events shall be returned.
# @param [Fixnum] page_size
- # [Optional] The maximum number of results to return per response.
+ # Optional. The maximum number of results to return per response.
# @param [String] page_token
- # [Optional] A `next_page_token` provided by a previous response.
+ # Optional. A `next_page_token` provided by a previous response.
# @param [String] service_filter_resource_type
- # [Optional] The exact value to match against
+ # Optional. The exact value to match against
# [`ServiceContext.resource_type`](/error-reporting/reference/rest/v1beta1/
# ServiceContext#FIELDS.resource_type).
# @param [String] service_filter_service
- # [Optional] The exact value to match against
+ # Optional. The exact value to match against
# [`ServiceContext.service`](/error-reporting/reference/rest/v1beta1/
# ServiceContext#FIELDS.service).
# @param [String] service_filter_version
- # [Optional] The exact value to match against
+ # Optional. The exact value to match against
# [`ServiceContext.version`](/error-reporting/reference/rest/v1beta1/
# ServiceContext#FIELDS.version).
# @param [String] time_range_period
@@ -152,7 +152,7 @@ module Google
# https://clouderrorreporting.googleapis.com/v1beta1/projects/example-project/
# events:report?key=123ABC456`
# @param [String] project_name
- # [Required] The resource name of the Google Cloud Platform project. Written
+ # Required. The resource name of the Google Cloud Platform project. Written
# as `projects/` plus the
# [Google Cloud Platform project
# ID](https://support.google.com/cloud/answer/6158840). Example:
@@ -189,45 +189,45 @@ module Google
# Lists the specified groups.
# @param [String] project_name
- # [Required] The resource name of the Google Cloud Platform project. Written
+ # Required. The resource name of the Google Cloud Platform project. Written
# as projects/ plus the
# Google Cloud
# Platform project ID.
# Example: projects/my-project-123.
# @param [String] alignment
- # [Optional] The alignment of the timed counts to be returned.
+ # Optional. The alignment of the timed counts to be returned.
# Default is `ALIGNMENT_EQUAL_AT_END`.
# @param [String] alignment_time
- # [Optional] Time where the timed counts shall be aligned if rounded
+ # Optional. Time where the timed counts shall be aligned if rounded
# alignment is chosen. Default is 00:00 UTC.
# @param [Array, String] group_id
- # [Optional] List all ErrorGroupStats with these IDs.
+ # Optional. List all ErrorGroupStats with these IDs.
# @param [String] order
- # [Optional] The sort order in which the results are returned.
+ # Optional. The sort order in which the results are returned.
# Default is `COUNT_DESC`.
# @param [Fixnum] page_size
- # [Optional] The maximum number of results to return per response.
+ # Optional. The maximum number of results to return per response.
# Default is 20.
# @param [String] page_token
- # [Optional] A `next_page_token` provided by a previous response. To view
+ # Optional. A `next_page_token` provided by a previous response. To view
# additional results, pass this token along with the identical query
# parameters as the first request.
# @param [String] service_filter_resource_type
- # [Optional] The exact value to match against
+ # Optional. The exact value to match against
# [`ServiceContext.resource_type`](/error-reporting/reference/rest/v1beta1/
# ServiceContext#FIELDS.resource_type).
# @param [String] service_filter_service
- # [Optional] The exact value to match against
+ # Optional. The exact value to match against
# [`ServiceContext.service`](/error-reporting/reference/rest/v1beta1/
# ServiceContext#FIELDS.service).
# @param [String] service_filter_version
- # [Optional] The exact value to match against
+ # Optional. The exact value to match against
# [`ServiceContext.version`](/error-reporting/reference/rest/v1beta1/
# ServiceContext#FIELDS.version).
# @param [String] time_range_period
# Restricts the query to the specified time range.
# @param [String] timed_count_duration
- # [Optional] The preferred duration for a single returned `TimedCount`.
+ # Optional. The preferred duration for a single returned `TimedCount`.
# If not set, no timed counts are returned.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
@@ -269,7 +269,7 @@ module Google
# Get the specified group.
# @param [String] group_name
- # [Required] The group resource name. Written as
+ # Required. The group resource name. Written as
# projects/projectID/groups/group_name.
# Call
#
diff --git a/generated/google/apis/cloudfunctions_v1.rb b/generated/google/apis/cloudfunctions_v1.rb
index 4e3001a67..fc3a94229 100644
--- a/generated/google/apis/cloudfunctions_v1.rb
+++ b/generated/google/apis/cloudfunctions_v1.rb
@@ -25,7 +25,7 @@ module Google
# @see https://cloud.google.com/functions
module CloudfunctionsV1
VERSION = 'V1'
- REVISION = '20190917'
+ REVISION = '20190923'
# View and manage your data across Google Cloud Platform services
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
diff --git a/generated/google/apis/cloudfunctions_v1/classes.rb b/generated/google/apis/cloudfunctions_v1/classes.rb
index 827db529c..ac918c695 100644
--- a/generated/google/apis/cloudfunctions_v1/classes.rb
+++ b/generated/google/apis/cloudfunctions_v1/classes.rb
@@ -923,25 +923,34 @@ module Google
# Defines an Identity and Access Management (IAM) policy. It is used to
# specify access control policies for Cloud Platform resources.
- # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- # `members` to a `role`, where the members can be user accounts, Google groups,
- # Google domains, and service accounts. A `role` is a named list of permissions
- # defined by IAM.
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ # `members` to a single `role`. Members can be user accounts, service accounts,
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
+ # permissions (defined by IAM or configured by users). A `binding` can
+ # optionally specify a `condition`, which is a logic expression that further
+ # constrains the role binding based on attributes about the request and/or
+ # target resource.
# **JSON Example**
# `
# "bindings": [
# `
- # "role": "roles/owner",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
- # "role": "roles/viewer",
- # "members": ["user:sean@example.com"]
+ # "role": "roles/resourcemanager.organizationViewer",
+ # "members": ["user:eve@example.com"],
+ # "condition": `
+ # "title": "expirable access",
+ # "description": "Does not grant access after Sep 2020",
+ # "expression": "request.time <
+ # timestamp('2020-10-01T00:00:00.000Z')",
+ # `
# `
# ]
# `
@@ -951,11 +960,15 @@ module Google
# - user:mike@example.com
# - group:admins@example.com
# - domain:google.com
- # - serviceAccount:my-other-app@appspot.gserviceaccount.com
- # role: roles/owner
+ # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ # role: roles/resourcemanager.organizationAdmin
# - members:
- # - user:sean@example.com
- # role: roles/viewer
+ # - user:eve@example.com
+ # role: roles/resourcemanager.organizationViewer
+ # condition:
+ # title: expirable access
+ # description: Does not grant access after Sep 2020
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
# For a description of IAM and its features, see the
# [IAM developer's guide](https://cloud.google.com/iam/docs).
class Policy
@@ -966,7 +979,8 @@ module Google
# @return [Array]
attr_accessor :audit_configs
- # Associates a list of `members` to a `role`.
+ # Associates a list of `members` to a `role`. Optionally may specify a
+ # `condition` that determines when binding is in effect.
# `bindings` with no members will result in an error.
# Corresponds to the JSON property `bindings`
# @return [Array]
@@ -980,7 +994,9 @@ module Google
# systems are expected to put that etag in the request to `setIamPolicy` to
# ensure that their change will be applied to the same version of the policy.
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
- # policy is overwritten.
+ # policy is overwritten. Due to blind-set semantics of an etag-less policy,
+ # 'setIamPolicy' will not fail even if either of incoming or stored policy
+ # does not meet the version requirements.
# Corresponds to the JSON property `etag`
# NOTE: Values are automatically base64 encoded/decoded in the client library.
# @return [String]
@@ -989,9 +1005,13 @@ module Google
# Specifies the format of the policy.
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
# rejected.
- # Policies with any conditional bindings must specify version 3. Policies
- # without any conditional bindings may specify any valid value or leave the
- # field unset.
+ # Operations affecting conditional bindings must specify version 3. This can
+ # be either setting a conditional policy, modifying a conditional binding,
+ # or removing a conditional binding from the stored conditional policy.
+ # Operations on non-conditional policies may specify any valid value or
+ # leave the field unset.
+ # If no etag is provided in the call to `setIamPolicy`, any version
+ # compliance checks on the incoming and/or stored policy is skipped.
# Corresponds to the JSON property `version`
# @return [Fixnum]
attr_accessor :version
@@ -1032,25 +1052,34 @@ module Google
# Defines an Identity and Access Management (IAM) policy. It is used to
# specify access control policies for Cloud Platform resources.
- # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- # `members` to a `role`, where the members can be user accounts, Google groups,
- # Google domains, and service accounts. A `role` is a named list of permissions
- # defined by IAM.
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ # `members` to a single `role`. Members can be user accounts, service accounts,
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
+ # permissions (defined by IAM or configured by users). A `binding` can
+ # optionally specify a `condition`, which is a logic expression that further
+ # constrains the role binding based on attributes about the request and/or
+ # target resource.
# **JSON Example**
# `
# "bindings": [
# `
- # "role": "roles/owner",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
- # "role": "roles/viewer",
- # "members": ["user:sean@example.com"]
+ # "role": "roles/resourcemanager.organizationViewer",
+ # "members": ["user:eve@example.com"],
+ # "condition": `
+ # "title": "expirable access",
+ # "description": "Does not grant access after Sep 2020",
+ # "expression": "request.time <
+ # timestamp('2020-10-01T00:00:00.000Z')",
+ # `
# `
# ]
# `
@@ -1060,11 +1089,15 @@ module Google
# - user:mike@example.com
# - group:admins@example.com
# - domain:google.com
- # - serviceAccount:my-other-app@appspot.gserviceaccount.com
- # role: roles/owner
+ # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ # role: roles/resourcemanager.organizationAdmin
# - members:
- # - user:sean@example.com
- # role: roles/viewer
+ # - user:eve@example.com
+ # role: roles/resourcemanager.organizationViewer
+ # condition:
+ # title: expirable access
+ # description: Does not grant access after Sep 2020
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
# For a description of IAM and its features, see the
# [IAM developer's guide](https://cloud.google.com/iam/docs).
# Corresponds to the JSON property `policy`
diff --git a/generated/google/apis/cloudresourcemanager_v1.rb b/generated/google/apis/cloudresourcemanager_v1.rb
index dd04327bd..5bc41fdf6 100644
--- a/generated/google/apis/cloudresourcemanager_v1.rb
+++ b/generated/google/apis/cloudresourcemanager_v1.rb
@@ -26,7 +26,7 @@ module Google
# @see https://cloud.google.com/resource-manager
module CloudresourcemanagerV1
VERSION = 'V1'
- REVISION = '20190830'
+ REVISION = '20190927'
# View and manage your data across Google Cloud Platform services
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
diff --git a/generated/google/apis/cloudresourcemanager_v1/classes.rb b/generated/google/apis/cloudresourcemanager_v1/classes.rb
index 5675662c3..4667fb383 100644
--- a/generated/google/apis/cloudresourcemanager_v1/classes.rb
+++ b/generated/google/apis/cloudresourcemanager_v1/classes.rb
@@ -1291,25 +1291,34 @@ module Google
# Defines an Identity and Access Management (IAM) policy. It is used to
# specify access control policies for Cloud Platform resources.
- # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- # `members` to a `role`, where the members can be user accounts, Google groups,
- # Google domains, and service accounts. A `role` is a named list of permissions
- # defined by IAM.
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ # `members` to a single `role`. Members can be user accounts, service accounts,
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
+ # permissions (defined by IAM or configured by users). A `binding` can
+ # optionally specify a `condition`, which is a logic expression that further
+ # constrains the role binding based on attributes about the request and/or
+ # target resource.
# **JSON Example**
# `
# "bindings": [
# `
- # "role": "roles/owner",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
- # "role": "roles/viewer",
- # "members": ["user:sean@example.com"]
+ # "role": "roles/resourcemanager.organizationViewer",
+ # "members": ["user:eve@example.com"],
+ # "condition": `
+ # "title": "expirable access",
+ # "description": "Does not grant access after Sep 2020",
+ # "expression": "request.time <
+ # timestamp('2020-10-01T00:00:00.000Z')",
+ # `
# `
# ]
# `
@@ -1319,11 +1328,15 @@ module Google
# - user:mike@example.com
# - group:admins@example.com
# - domain:google.com
- # - serviceAccount:my-other-app@appspot.gserviceaccount.com
- # role: roles/owner
+ # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ # role: roles/resourcemanager.organizationAdmin
# - members:
- # - user:sean@example.com
- # role: roles/viewer
+ # - user:eve@example.com
+ # role: roles/resourcemanager.organizationViewer
+ # condition:
+ # title: expirable access
+ # description: Does not grant access after Sep 2020
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
# For a description of IAM and its features, see the
# [IAM developer's guide](https://cloud.google.com/iam/docs).
class Policy
@@ -1334,7 +1347,8 @@ module Google
# @return [Array]
attr_accessor :audit_configs
- # Associates a list of `members` to a `role`.
+ # Associates a list of `members` to a `role`. Optionally may specify a
+ # `condition` that determines when binding is in effect.
# `bindings` with no members will result in an error.
# Corresponds to the JSON property `bindings`
# @return [Array]
@@ -1348,7 +1362,9 @@ module Google
# systems are expected to put that etag in the request to `setIamPolicy` to
# ensure that their change will be applied to the same version of the policy.
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
- # policy is overwritten.
+ # policy is overwritten. Due to blind-set semantics of an etag-less policy,
+ # 'setIamPolicy' will not fail even if either of incoming or stored policy
+ # does not meet the version requirements.
# Corresponds to the JSON property `etag`
# NOTE: Values are automatically base64 encoded/decoded in the client library.
# @return [String]
@@ -1357,9 +1373,13 @@ module Google
# Specifies the format of the policy.
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
# rejected.
- # Policies with any conditional bindings must specify version 3. Policies
- # without any conditional bindings may specify any valid value or leave the
- # field unset.
+ # Operations affecting conditional bindings must specify version 3. This can
+ # be either setting a conditional policy, modifying a conditional binding,
+ # or removing a conditional binding from the stored conditional policy.
+ # Operations on non-conditional policies may specify any valid value or
+ # leave the field unset.
+ # If no etag is provided in the call to `setIamPolicy`, any version
+ # compliance checks on the incoming and/or stored policy is skipped.
# Corresponds to the JSON property `version`
# @return [Fixnum]
attr_accessor :version
@@ -1512,7 +1532,7 @@ module Google
attr_accessor :id
# Required field representing the resource type this id is for.
- # At present, the valid types are: "organization" and "folder".
+ # At present, the valid types are: "organization", "folder", and "project".
# Corresponds to the JSON property `type`
# @return [String]
attr_accessor :type
@@ -1629,25 +1649,34 @@ module Google
# Defines an Identity and Access Management (IAM) policy. It is used to
# specify access control policies for Cloud Platform resources.
- # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- # `members` to a `role`, where the members can be user accounts, Google groups,
- # Google domains, and service accounts. A `role` is a named list of permissions
- # defined by IAM.
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ # `members` to a single `role`. Members can be user accounts, service accounts,
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
+ # permissions (defined by IAM or configured by users). A `binding` can
+ # optionally specify a `condition`, which is a logic expression that further
+ # constrains the role binding based on attributes about the request and/or
+ # target resource.
# **JSON Example**
# `
# "bindings": [
# `
- # "role": "roles/owner",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
- # "role": "roles/viewer",
- # "members": ["user:sean@example.com"]
+ # "role": "roles/resourcemanager.organizationViewer",
+ # "members": ["user:eve@example.com"],
+ # "condition": `
+ # "title": "expirable access",
+ # "description": "Does not grant access after Sep 2020",
+ # "expression": "request.time <
+ # timestamp('2020-10-01T00:00:00.000Z')",
+ # `
# `
# ]
# `
@@ -1657,11 +1686,15 @@ module Google
# - user:mike@example.com
# - group:admins@example.com
# - domain:google.com
- # - serviceAccount:my-other-app@appspot.gserviceaccount.com
- # role: roles/owner
+ # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ # role: roles/resourcemanager.organizationAdmin
# - members:
- # - user:sean@example.com
- # role: roles/viewer
+ # - user:eve@example.com
+ # role: roles/resourcemanager.organizationViewer
+ # condition:
+ # title: expirable access
+ # description: Does not grant access after Sep 2020
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
# For a description of IAM and its features, see the
# [IAM developer's guide](https://cloud.google.com/iam/docs).
# Corresponds to the JSON property `policy`
diff --git a/generated/google/apis/cloudresourcemanager_v1beta1.rb b/generated/google/apis/cloudresourcemanager_v1beta1.rb
index f8e913a2d..b28d0dd42 100644
--- a/generated/google/apis/cloudresourcemanager_v1beta1.rb
+++ b/generated/google/apis/cloudresourcemanager_v1beta1.rb
@@ -26,7 +26,7 @@ module Google
# @see https://cloud.google.com/resource-manager
module CloudresourcemanagerV1beta1
VERSION = 'V1beta1'
- REVISION = '20190830'
+ REVISION = '20190927'
# View and manage your data across Google Cloud Platform services
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
diff --git a/generated/google/apis/cloudresourcemanager_v1beta1/classes.rb b/generated/google/apis/cloudresourcemanager_v1beta1/classes.rb
index 86d657976..6f5a60e02 100644
--- a/generated/google/apis/cloudresourcemanager_v1beta1/classes.rb
+++ b/generated/google/apis/cloudresourcemanager_v1beta1/classes.rb
@@ -562,25 +562,34 @@ module Google
# Defines an Identity and Access Management (IAM) policy. It is used to
# specify access control policies for Cloud Platform resources.
- # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- # `members` to a `role`, where the members can be user accounts, Google groups,
- # Google domains, and service accounts. A `role` is a named list of permissions
- # defined by IAM.
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ # `members` to a single `role`. Members can be user accounts, service accounts,
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
+ # permissions (defined by IAM or configured by users). A `binding` can
+ # optionally specify a `condition`, which is a logic expression that further
+ # constrains the role binding based on attributes about the request and/or
+ # target resource.
# **JSON Example**
# `
# "bindings": [
# `
- # "role": "roles/owner",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
- # "role": "roles/viewer",
- # "members": ["user:sean@example.com"]
+ # "role": "roles/resourcemanager.organizationViewer",
+ # "members": ["user:eve@example.com"],
+ # "condition": `
+ # "title": "expirable access",
+ # "description": "Does not grant access after Sep 2020",
+ # "expression": "request.time <
+ # timestamp('2020-10-01T00:00:00.000Z')",
+ # `
# `
# ]
# `
@@ -590,11 +599,15 @@ module Google
# - user:mike@example.com
# - group:admins@example.com
# - domain:google.com
- # - serviceAccount:my-other-app@appspot.gserviceaccount.com
- # role: roles/owner
+ # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ # role: roles/resourcemanager.organizationAdmin
# - members:
- # - user:sean@example.com
- # role: roles/viewer
+ # - user:eve@example.com
+ # role: roles/resourcemanager.organizationViewer
+ # condition:
+ # title: expirable access
+ # description: Does not grant access after Sep 2020
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
# For a description of IAM and its features, see the
# [IAM developer's guide](https://cloud.google.com/iam/docs).
class Policy
@@ -605,7 +618,8 @@ module Google
# @return [Array]
attr_accessor :audit_configs
- # Associates a list of `members` to a `role`.
+ # Associates a list of `members` to a `role`. Optionally may specify a
+ # `condition` that determines when binding is in effect.
# `bindings` with no members will result in an error.
# Corresponds to the JSON property `bindings`
# @return [Array]
@@ -619,7 +633,9 @@ module Google
# systems are expected to put that etag in the request to `setIamPolicy` to
# ensure that their change will be applied to the same version of the policy.
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
- # policy is overwritten.
+ # policy is overwritten. Due to blind-set semantics of an etag-less policy,
+ # 'setIamPolicy' will not fail even if either of incoming or stored policy
+ # does not meet the version requirements.
# Corresponds to the JSON property `etag`
# NOTE: Values are automatically base64 encoded/decoded in the client library.
# @return [String]
@@ -628,9 +644,13 @@ module Google
# Specifies the format of the policy.
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
# rejected.
- # Policies with any conditional bindings must specify version 3. Policies
- # without any conditional bindings may specify any valid value or leave the
- # field unset.
+ # Operations affecting conditional bindings must specify version 3. This can
+ # be either setting a conditional policy, modifying a conditional binding,
+ # or removing a conditional binding from the stored conditional policy.
+ # Operations on non-conditional policies may specify any valid value or
+ # leave the field unset.
+ # If no etag is provided in the call to `setIamPolicy`, any version
+ # compliance checks on the incoming and/or stored policy is skipped.
# Corresponds to the JSON property `version`
# @return [Fixnum]
attr_accessor :version
@@ -805,25 +825,34 @@ module Google
# Defines an Identity and Access Management (IAM) policy. It is used to
# specify access control policies for Cloud Platform resources.
- # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- # `members` to a `role`, where the members can be user accounts, Google groups,
- # Google domains, and service accounts. A `role` is a named list of permissions
- # defined by IAM.
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ # `members` to a single `role`. Members can be user accounts, service accounts,
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
+ # permissions (defined by IAM or configured by users). A `binding` can
+ # optionally specify a `condition`, which is a logic expression that further
+ # constrains the role binding based on attributes about the request and/or
+ # target resource.
# **JSON Example**
# `
# "bindings": [
# `
- # "role": "roles/owner",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
- # "role": "roles/viewer",
- # "members": ["user:sean@example.com"]
+ # "role": "roles/resourcemanager.organizationViewer",
+ # "members": ["user:eve@example.com"],
+ # "condition": `
+ # "title": "expirable access",
+ # "description": "Does not grant access after Sep 2020",
+ # "expression": "request.time <
+ # timestamp('2020-10-01T00:00:00.000Z')",
+ # `
# `
# ]
# `
@@ -833,11 +862,15 @@ module Google
# - user:mike@example.com
# - group:admins@example.com
# - domain:google.com
- # - serviceAccount:my-other-app@appspot.gserviceaccount.com
- # role: roles/owner
+ # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ # role: roles/resourcemanager.organizationAdmin
# - members:
- # - user:sean@example.com
- # role: roles/viewer
+ # - user:eve@example.com
+ # role: roles/resourcemanager.organizationViewer
+ # condition:
+ # title: expirable access
+ # description: Does not grant access after Sep 2020
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
# For a description of IAM and its features, see the
# [IAM developer's guide](https://cloud.google.com/iam/docs).
# Corresponds to the JSON property `policy`
diff --git a/generated/google/apis/cloudresourcemanager_v2beta1.rb b/generated/google/apis/cloudresourcemanager_v2beta1.rb
index b56bc5acf..b5ded2bae 100644
--- a/generated/google/apis/cloudresourcemanager_v2beta1.rb
+++ b/generated/google/apis/cloudresourcemanager_v2beta1.rb
@@ -26,7 +26,7 @@ module Google
# @see https://cloud.google.com/resource-manager
module CloudresourcemanagerV2beta1
VERSION = 'V2beta1'
- REVISION = '20190830'
+ REVISION = '20190927'
# View and manage your data across Google Cloud Platform services
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
diff --git a/generated/google/apis/cloudresourcemanager_v2beta1/classes.rb b/generated/google/apis/cloudresourcemanager_v2beta1/classes.rb
index d157ad954..61d60ea9a 100644
--- a/generated/google/apis/cloudresourcemanager_v2beta1/classes.rb
+++ b/generated/google/apis/cloudresourcemanager_v2beta1/classes.rb
@@ -505,25 +505,34 @@ module Google
# Defines an Identity and Access Management (IAM) policy. It is used to
# specify access control policies for Cloud Platform resources.
- # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- # `members` to a `role`, where the members can be user accounts, Google groups,
- # Google domains, and service accounts. A `role` is a named list of permissions
- # defined by IAM.
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ # `members` to a single `role`. Members can be user accounts, service accounts,
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
+ # permissions (defined by IAM or configured by users). A `binding` can
+ # optionally specify a `condition`, which is a logic expression that further
+ # constrains the role binding based on attributes about the request and/or
+ # target resource.
# **JSON Example**
# `
# "bindings": [
# `
- # "role": "roles/owner",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
- # "role": "roles/viewer",
- # "members": ["user:sean@example.com"]
+ # "role": "roles/resourcemanager.organizationViewer",
+ # "members": ["user:eve@example.com"],
+ # "condition": `
+ # "title": "expirable access",
+ # "description": "Does not grant access after Sep 2020",
+ # "expression": "request.time <
+ # timestamp('2020-10-01T00:00:00.000Z')",
+ # `
# `
# ]
# `
@@ -533,11 +542,15 @@ module Google
# - user:mike@example.com
# - group:admins@example.com
# - domain:google.com
- # - serviceAccount:my-other-app@appspot.gserviceaccount.com
- # role: roles/owner
+ # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ # role: roles/resourcemanager.organizationAdmin
# - members:
- # - user:sean@example.com
- # role: roles/viewer
+ # - user:eve@example.com
+ # role: roles/resourcemanager.organizationViewer
+ # condition:
+ # title: expirable access
+ # description: Does not grant access after Sep 2020
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
# For a description of IAM and its features, see the
# [IAM developer's guide](https://cloud.google.com/iam/docs).
class Policy
@@ -548,7 +561,8 @@ module Google
# @return [Array]
attr_accessor :audit_configs
- # Associates a list of `members` to a `role`.
+ # Associates a list of `members` to a `role`. Optionally may specify a
+ # `condition` that determines when binding is in effect.
# `bindings` with no members will result in an error.
# Corresponds to the JSON property `bindings`
# @return [Array]
@@ -562,7 +576,9 @@ module Google
# systems are expected to put that etag in the request to `setIamPolicy` to
# ensure that their change will be applied to the same version of the policy.
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
- # policy is overwritten.
+ # policy is overwritten. Due to blind-set semantics of an etag-less policy,
+ # 'setIamPolicy' will not fail even if either of incoming or stored policy
+ # does not meet the version requirements.
# Corresponds to the JSON property `etag`
# NOTE: Values are automatically base64 encoded/decoded in the client library.
# @return [String]
@@ -571,9 +587,13 @@ module Google
# Specifies the format of the policy.
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
# rejected.
- # Policies with any conditional bindings must specify version 3. Policies
- # without any conditional bindings may specify any valid value or leave the
- # field unset.
+ # Operations affecting conditional bindings must specify version 3. This can
+ # be either setting a conditional policy, modifying a conditional binding,
+ # or removing a conditional binding from the stored conditional policy.
+ # Operations on non-conditional policies may specify any valid value or
+ # leave the field unset.
+ # If no etag is provided in the call to `setIamPolicy`, any version
+ # compliance checks on the incoming and/or stored policy is skipped.
# Corresponds to the JSON property `version`
# @return [Fixnum]
attr_accessor :version
@@ -714,25 +734,34 @@ module Google
# Defines an Identity and Access Management (IAM) policy. It is used to
# specify access control policies for Cloud Platform resources.
- # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- # `members` to a `role`, where the members can be user accounts, Google groups,
- # Google domains, and service accounts. A `role` is a named list of permissions
- # defined by IAM.
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ # `members` to a single `role`. Members can be user accounts, service accounts,
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
+ # permissions (defined by IAM or configured by users). A `binding` can
+ # optionally specify a `condition`, which is a logic expression that further
+ # constrains the role binding based on attributes about the request and/or
+ # target resource.
# **JSON Example**
# `
# "bindings": [
# `
- # "role": "roles/owner",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
- # "role": "roles/viewer",
- # "members": ["user:sean@example.com"]
+ # "role": "roles/resourcemanager.organizationViewer",
+ # "members": ["user:eve@example.com"],
+ # "condition": `
+ # "title": "expirable access",
+ # "description": "Does not grant access after Sep 2020",
+ # "expression": "request.time <
+ # timestamp('2020-10-01T00:00:00.000Z')",
+ # `
# `
# ]
# `
@@ -742,11 +771,15 @@ module Google
# - user:mike@example.com
# - group:admins@example.com
# - domain:google.com
- # - serviceAccount:my-other-app@appspot.gserviceaccount.com
- # role: roles/owner
+ # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ # role: roles/resourcemanager.organizationAdmin
# - members:
- # - user:sean@example.com
- # role: roles/viewer
+ # - user:eve@example.com
+ # role: roles/resourcemanager.organizationViewer
+ # condition:
+ # title: expirable access
+ # description: Does not grant access after Sep 2020
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
# For a description of IAM and its features, see the
# [IAM developer's guide](https://cloud.google.com/iam/docs).
# Corresponds to the JSON property `policy`
diff --git a/generated/google/apis/drive_v2.rb b/generated/google/apis/drive_v2.rb
index a44beebea..659b5d02b 100644
--- a/generated/google/apis/drive_v2.rb
+++ b/generated/google/apis/drive_v2.rb
@@ -26,7 +26,7 @@ module Google
# @see https://developers.google.com/drive/
module DriveV2
VERSION = 'V2'
- REVISION = '20190919'
+ REVISION = '20190926'
# See, edit, create, and delete all of your Google Drive files
AUTH_DRIVE = 'https://www.googleapis.com/auth/drive'
diff --git a/generated/google/apis/drive_v2/classes.rb b/generated/google/apis/drive_v2/classes.rb
index abf863ae5..09a4b25c3 100644
--- a/generated/google/apis/drive_v2/classes.rb
+++ b/generated/google/apis/drive_v2/classes.rb
@@ -3416,6 +3416,8 @@ module Google
# be populated and can only be modified on files with content stored in Drive
# which are not Google Docs. Revisions can also be pinned when they are created
# through the drive.files.insert/update/copy by using the pinned query parameter.
+ # Pinned revisions are stored indefinitely using additional storage quota, up
+ # to a maximum of 200 revisions.
# Corresponds to the JSON property `pinned`
# @return [Boolean]
attr_accessor :pinned
diff --git a/generated/google/apis/drive_v3.rb b/generated/google/apis/drive_v3.rb
index bd34df569..3b9bfa97e 100644
--- a/generated/google/apis/drive_v3.rb
+++ b/generated/google/apis/drive_v3.rb
@@ -26,7 +26,7 @@ module Google
# @see https://developers.google.com/drive/
module DriveV3
VERSION = 'V3'
- REVISION = '20190919'
+ REVISION = '20190926'
# See, edit, create, and delete all of your Google Drive files
AUTH_DRIVE = 'https://www.googleapis.com/auth/drive'
diff --git a/generated/google/apis/drive_v3/service.rb b/generated/google/apis/drive_v3/service.rb
index d673d99c7..2ef45b866 100644
--- a/generated/google/apis/drive_v3/service.rb
+++ b/generated/google/apis/drive_v3/service.rb
@@ -792,7 +792,9 @@ module Google
# Permissions are still inherited from parent folders.
# @param [Boolean] keep_revision_forever
# Whether to set the 'keepForever' field in the new head revision. This is only
- # applicable to files with binary content in Google Drive.
+ # applicable to files with binary content in Google Drive. Only 200 revisions
+ # for the file can be kept forever. If the limit is reached, try deleting pinned
+ # revisions.
# @param [String] ocr_language
# A language hint for OCR processing during image import (ISO 639-1 code).
# @param [Boolean] supports_all_drives
@@ -847,7 +849,9 @@ module Google
# Permissions are still inherited from parent folders.
# @param [Boolean] keep_revision_forever
# Whether to set the 'keepForever' field in the new head revision. This is only
- # applicable to files with binary content in Google Drive.
+ # applicable to files with binary content in Google Drive. Only 200 revisions
+ # for the file can be kept forever. If the limit is reached, try deleting pinned
+ # revisions.
# @param [String] ocr_language
# A language hint for OCR processing during image import (ISO 639-1 code).
# @param [Boolean] supports_all_drives
@@ -1199,7 +1203,9 @@ module Google
# A comma-separated list of parent IDs to add.
# @param [Boolean] keep_revision_forever
# Whether to set the 'keepForever' field in the new head revision. This is only
- # applicable to files with binary content in Google Drive.
+ # applicable to files with binary content in Google Drive. Only 200 revisions
+ # for the file can be kept forever. If the limit is reached, try deleting pinned
+ # revisions.
# @param [String] ocr_language
# A language hint for OCR processing during image import (ISO 639-1 code).
# @param [String] remove_parents
diff --git a/generated/google/apis/pubsub_v1.rb b/generated/google/apis/pubsub_v1.rb
index 752125a4c..8a0fce8c2 100644
--- a/generated/google/apis/pubsub_v1.rb
+++ b/generated/google/apis/pubsub_v1.rb
@@ -25,7 +25,7 @@ module Google
# @see https://cloud.google.com/pubsub/docs
module PubsubV1
VERSION = 'V1'
- REVISION = '20190826'
+ REVISION = '20190923'
# View and manage your data across Google Cloud Platform services
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
diff --git a/generated/google/apis/pubsub_v1/classes.rb b/generated/google/apis/pubsub_v1/classes.rb
index bd6e43745..f0fa2df24 100644
--- a/generated/google/apis/pubsub_v1/classes.rb
+++ b/generated/google/apis/pubsub_v1/classes.rb
@@ -460,25 +460,34 @@ module Google
# Defines an Identity and Access Management (IAM) policy. It is used to
# specify access control policies for Cloud Platform resources.
- # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- # `members` to a `role`, where the members can be user accounts, Google groups,
- # Google domains, and service accounts. A `role` is a named list of permissions
- # defined by IAM.
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ # `members` to a single `role`. Members can be user accounts, service accounts,
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
+ # permissions (defined by IAM or configured by users). A `binding` can
+ # optionally specify a `condition`, which is a logic expression that further
+ # constrains the role binding based on attributes about the request and/or
+ # target resource.
# **JSON Example**
# `
# "bindings": [
# `
- # "role": "roles/owner",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
- # "role": "roles/viewer",
- # "members": ["user:sean@example.com"]
+ # "role": "roles/resourcemanager.organizationViewer",
+ # "members": ["user:eve@example.com"],
+ # "condition": `
+ # "title": "expirable access",
+ # "description": "Does not grant access after Sep 2020",
+ # "expression": "request.time <
+ # timestamp('2020-10-01T00:00:00.000Z')",
+ # `
# `
# ]
# `
@@ -488,17 +497,22 @@ module Google
# - user:mike@example.com
# - group:admins@example.com
# - domain:google.com
- # - serviceAccount:my-other-app@appspot.gserviceaccount.com
- # role: roles/owner
+ # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ # role: roles/resourcemanager.organizationAdmin
# - members:
- # - user:sean@example.com
- # role: roles/viewer
+ # - user:eve@example.com
+ # role: roles/resourcemanager.organizationViewer
+ # condition:
+ # title: expirable access
+ # description: Does not grant access after Sep 2020
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
# For a description of IAM and its features, see the
# [IAM developer's guide](https://cloud.google.com/iam/docs).
class Policy
include Google::Apis::Core::Hashable
- # Associates a list of `members` to a `role`.
+ # Associates a list of `members` to a `role`. Optionally may specify a
+ # `condition` that determines when binding is in effect.
# `bindings` with no members will result in an error.
# Corresponds to the JSON property `bindings`
# @return [Array]
@@ -512,7 +526,9 @@ module Google
# systems are expected to put that etag in the request to `setIamPolicy` to
# ensure that their change will be applied to the same version of the policy.
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
- # policy is overwritten.
+ # policy is overwritten. Due to blind-set semantics of an etag-less policy,
+ # 'setIamPolicy' will not fail even if either of incoming or stored policy
+ # does not meet the version requirements.
# Corresponds to the JSON property `etag`
# NOTE: Values are automatically base64 encoded/decoded in the client library.
# @return [String]
@@ -521,9 +537,13 @@ module Google
# Specifies the format of the policy.
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
# rejected.
- # Policies with any conditional bindings must specify version 3. Policies
- # without any conditional bindings may specify any valid value or leave the
- # field unset.
+ # Operations affecting conditional bindings must specify version 3. This can
+ # be either setting a conditional policy, modifying a conditional binding,
+ # or removing a conditional binding from the stored conditional policy.
+ # Operations on non-conditional policies may specify any valid value or
+ # leave the field unset.
+ # If no etag is provided in the call to `setIamPolicy`, any version
+ # compliance checks on the incoming and/or stored policy is skipped.
# Corresponds to the JSON property `version`
# @return [Fixnum]
attr_accessor :version
@@ -821,25 +841,34 @@ module Google
# Defines an Identity and Access Management (IAM) policy. It is used to
# specify access control policies for Cloud Platform resources.
- # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- # `members` to a `role`, where the members can be user accounts, Google groups,
- # Google domains, and service accounts. A `role` is a named list of permissions
- # defined by IAM.
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ # `members` to a single `role`. Members can be user accounts, service accounts,
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
+ # permissions (defined by IAM or configured by users). A `binding` can
+ # optionally specify a `condition`, which is a logic expression that further
+ # constrains the role binding based on attributes about the request and/or
+ # target resource.
# **JSON Example**
# `
# "bindings": [
# `
- # "role": "roles/owner",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
- # "role": "roles/viewer",
- # "members": ["user:sean@example.com"]
+ # "role": "roles/resourcemanager.organizationViewer",
+ # "members": ["user:eve@example.com"],
+ # "condition": `
+ # "title": "expirable access",
+ # "description": "Does not grant access after Sep 2020",
+ # "expression": "request.time <
+ # timestamp('2020-10-01T00:00:00.000Z')",
+ # `
# `
# ]
# `
@@ -849,11 +878,15 @@ module Google
# - user:mike@example.com
# - group:admins@example.com
# - domain:google.com
- # - serviceAccount:my-other-app@appspot.gserviceaccount.com
- # role: roles/owner
+ # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ # role: roles/resourcemanager.organizationAdmin
# - members:
- # - user:sean@example.com
- # role: roles/viewer
+ # - user:eve@example.com
+ # role: roles/resourcemanager.organizationViewer
+ # condition:
+ # title: expirable access
+ # description: Does not grant access after Sep 2020
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
# For a description of IAM and its features, see the
# [IAM developer's guide](https://cloud.google.com/iam/docs).
# Corresponds to the JSON property `policy`
diff --git a/generated/google/apis/pubsub_v1beta2.rb b/generated/google/apis/pubsub_v1beta2.rb
index 4415cdfa0..33baddb57 100644
--- a/generated/google/apis/pubsub_v1beta2.rb
+++ b/generated/google/apis/pubsub_v1beta2.rb
@@ -25,7 +25,7 @@ module Google
# @see https://cloud.google.com/pubsub/docs
module PubsubV1beta2
VERSION = 'V1beta2'
- REVISION = '20190826'
+ REVISION = '20190923'
# View and manage your data across Google Cloud Platform services
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
diff --git a/generated/google/apis/pubsub_v1beta2/classes.rb b/generated/google/apis/pubsub_v1beta2/classes.rb
index 1727e0769..0de76b845 100644
--- a/generated/google/apis/pubsub_v1beta2/classes.rb
+++ b/generated/google/apis/pubsub_v1beta2/classes.rb
@@ -329,25 +329,34 @@ module Google
# Defines an Identity and Access Management (IAM) policy. It is used to
# specify access control policies for Cloud Platform resources.
- # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- # `members` to a `role`, where the members can be user accounts, Google groups,
- # Google domains, and service accounts. A `role` is a named list of permissions
- # defined by IAM.
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ # `members` to a single `role`. Members can be user accounts, service accounts,
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
+ # permissions (defined by IAM or configured by users). A `binding` can
+ # optionally specify a `condition`, which is a logic expression that further
+ # constrains the role binding based on attributes about the request and/or
+ # target resource.
# **JSON Example**
# `
# "bindings": [
# `
- # "role": "roles/owner",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
- # "role": "roles/viewer",
- # "members": ["user:sean@example.com"]
+ # "role": "roles/resourcemanager.organizationViewer",
+ # "members": ["user:eve@example.com"],
+ # "condition": `
+ # "title": "expirable access",
+ # "description": "Does not grant access after Sep 2020",
+ # "expression": "request.time <
+ # timestamp('2020-10-01T00:00:00.000Z')",
+ # `
# `
# ]
# `
@@ -357,17 +366,22 @@ module Google
# - user:mike@example.com
# - group:admins@example.com
# - domain:google.com
- # - serviceAccount:my-other-app@appspot.gserviceaccount.com
- # role: roles/owner
+ # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ # role: roles/resourcemanager.organizationAdmin
# - members:
- # - user:sean@example.com
- # role: roles/viewer
+ # - user:eve@example.com
+ # role: roles/resourcemanager.organizationViewer
+ # condition:
+ # title: expirable access
+ # description: Does not grant access after Sep 2020
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
# For a description of IAM and its features, see the
# [IAM developer's guide](https://cloud.google.com/iam/docs).
class Policy
include Google::Apis::Core::Hashable
- # Associates a list of `members` to a `role`.
+ # Associates a list of `members` to a `role`. Optionally may specify a
+ # `condition` that determines when binding is in effect.
# `bindings` with no members will result in an error.
# Corresponds to the JSON property `bindings`
# @return [Array]
@@ -381,7 +395,9 @@ module Google
# systems are expected to put that etag in the request to `setIamPolicy` to
# ensure that their change will be applied to the same version of the policy.
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
- # policy is overwritten.
+ # policy is overwritten. Due to blind-set semantics of an etag-less policy,
+ # 'setIamPolicy' will not fail even if either of incoming or stored policy
+ # does not meet the version requirements.
# Corresponds to the JSON property `etag`
# NOTE: Values are automatically base64 encoded/decoded in the client library.
# @return [String]
@@ -390,9 +406,13 @@ module Google
# Specifies the format of the policy.
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
# rejected.
- # Policies with any conditional bindings must specify version 3. Policies
- # without any conditional bindings may specify any valid value or leave the
- # field unset.
+ # Operations affecting conditional bindings must specify version 3. This can
+ # be either setting a conditional policy, modifying a conditional binding,
+ # or removing a conditional binding from the stored conditional policy.
+ # Operations on non-conditional policies may specify any valid value or
+ # leave the field unset.
+ # If no etag is provided in the call to `setIamPolicy`, any version
+ # compliance checks on the incoming and/or stored policy is skipped.
# Corresponds to the JSON property `version`
# @return [Fixnum]
attr_accessor :version
@@ -629,25 +649,34 @@ module Google
# Defines an Identity and Access Management (IAM) policy. It is used to
# specify access control policies for Cloud Platform resources.
- # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- # `members` to a `role`, where the members can be user accounts, Google groups,
- # Google domains, and service accounts. A `role` is a named list of permissions
- # defined by IAM.
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ # `members` to a single `role`. Members can be user accounts, service accounts,
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
+ # permissions (defined by IAM or configured by users). A `binding` can
+ # optionally specify a `condition`, which is a logic expression that further
+ # constrains the role binding based on attributes about the request and/or
+ # target resource.
# **JSON Example**
# `
# "bindings": [
# `
- # "role": "roles/owner",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
- # "role": "roles/viewer",
- # "members": ["user:sean@example.com"]
+ # "role": "roles/resourcemanager.organizationViewer",
+ # "members": ["user:eve@example.com"],
+ # "condition": `
+ # "title": "expirable access",
+ # "description": "Does not grant access after Sep 2020",
+ # "expression": "request.time <
+ # timestamp('2020-10-01T00:00:00.000Z')",
+ # `
# `
# ]
# `
@@ -657,11 +686,15 @@ module Google
# - user:mike@example.com
# - group:admins@example.com
# - domain:google.com
- # - serviceAccount:my-other-app@appspot.gserviceaccount.com
- # role: roles/owner
+ # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ # role: roles/resourcemanager.organizationAdmin
# - members:
- # - user:sean@example.com
- # role: roles/viewer
+ # - user:eve@example.com
+ # role: roles/resourcemanager.organizationViewer
+ # condition:
+ # title: expirable access
+ # description: Does not grant access after Sep 2020
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
# For a description of IAM and its features, see the
# [IAM developer's guide](https://cloud.google.com/iam/docs).
# Corresponds to the JSON property `policy`
diff --git a/generated/google/apis/servicebroker_v1.rb b/generated/google/apis/servicebroker_v1.rb
index 16b80be22..5723bc957 100644
--- a/generated/google/apis/servicebroker_v1.rb
+++ b/generated/google/apis/servicebroker_v1.rb
@@ -27,7 +27,7 @@ module Google
# @see https://cloud.google.com/kubernetes-engine/docs/concepts/add-on/service-broker
module ServicebrokerV1
VERSION = 'V1'
- REVISION = '20190924'
+ REVISION = '20190930'
# View and manage your data across Google Cloud Platform services
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
diff --git a/generated/google/apis/servicebroker_v1/service.rb b/generated/google/apis/servicebroker_v1/service.rb
index 7e8e833f4..c79e545f4 100644
--- a/generated/google/apis/servicebroker_v1/service.rb
+++ b/generated/google/apis/servicebroker_v1/service.rb
@@ -92,6 +92,7 @@ module Google
# Sets the access control policy on the specified resource. Replaces any
# existing policy.
+ # Can return Public Errors: NOT_FOUND, INVALID_ARGUMENT and PERMISSION_DENIED
# @param [String] resource
# REQUIRED: The resource for which the policy is being specified.
# See the operation documentation for the appropriate value for this field.
diff --git a/generated/google/apis/servicebroker_v1alpha1.rb b/generated/google/apis/servicebroker_v1alpha1.rb
index e744dcfe6..666c91eb2 100644
--- a/generated/google/apis/servicebroker_v1alpha1.rb
+++ b/generated/google/apis/servicebroker_v1alpha1.rb
@@ -27,7 +27,7 @@ module Google
# @see https://cloud.google.com/kubernetes-engine/docs/concepts/add-on/service-broker
module ServicebrokerV1alpha1
VERSION = 'V1alpha1'
- REVISION = '20190924'
+ REVISION = '20190930'
# View and manage your data across Google Cloud Platform services
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
diff --git a/generated/google/apis/servicebroker_v1alpha1/service.rb b/generated/google/apis/servicebroker_v1alpha1/service.rb
index 4ab1604d4..b8c3d8fbf 100644
--- a/generated/google/apis/servicebroker_v1alpha1/service.rb
+++ b/generated/google/apis/servicebroker_v1alpha1/service.rb
@@ -652,6 +652,7 @@ module Google
# Sets the access control policy on the specified resource. Replaces any
# existing policy.
+ # Can return Public Errors: NOT_FOUND, INVALID_ARGUMENT and PERMISSION_DENIED
# @param [String] resource
# REQUIRED: The resource for which the policy is being specified.
# See the operation documentation for the appropriate value for this field.
diff --git a/generated/google/apis/servicebroker_v1beta1.rb b/generated/google/apis/servicebroker_v1beta1.rb
index 36a19ec90..1692c0b6f 100644
--- a/generated/google/apis/servicebroker_v1beta1.rb
+++ b/generated/google/apis/servicebroker_v1beta1.rb
@@ -27,7 +27,7 @@ module Google
# @see https://cloud.google.com/kubernetes-engine/docs/concepts/add-on/service-broker
module ServicebrokerV1beta1
VERSION = 'V1beta1'
- REVISION = '20190924'
+ REVISION = '20190930'
# View and manage your data across Google Cloud Platform services
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
diff --git a/generated/google/apis/servicebroker_v1beta1/service.rb b/generated/google/apis/servicebroker_v1beta1/service.rb
index ff61af78b..6b8357bb5 100644
--- a/generated/google/apis/servicebroker_v1beta1/service.rb
+++ b/generated/google/apis/servicebroker_v1beta1/service.rb
@@ -841,6 +841,7 @@ module Google
# Sets the access control policy on the specified resource. Replaces any
# existing policy.
+ # Can return Public Errors: NOT_FOUND, INVALID_ARGUMENT and PERMISSION_DENIED
# @param [String] resource
# REQUIRED: The resource for which the policy is being specified.
# See the operation documentation for the appropriate value for this field.
diff --git a/generated/google/apis/servicemanagement_v1.rb b/generated/google/apis/servicemanagement_v1.rb
index 887c9abe2..351f439e5 100644
--- a/generated/google/apis/servicemanagement_v1.rb
+++ b/generated/google/apis/servicemanagement_v1.rb
@@ -27,7 +27,7 @@ module Google
# @see https://cloud.google.com/service-management/
module ServicemanagementV1
VERSION = 'V1'
- REVISION = '20190920'
+ REVISION = '20190927'
# View and manage your data across Google Cloud Platform services
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
diff --git a/generated/google/apis/servicemanagement_v1/classes.rb b/generated/google/apis/servicemanagement_v1/classes.rb
index 394fbd49a..17d56cdfc 100644
--- a/generated/google/apis/servicemanagement_v1/classes.rb
+++ b/generated/google/apis/servicemanagement_v1/classes.rb
@@ -2406,6 +2406,15 @@ module Google
# @return [String]
attr_accessor :metric_kind
+ # Read-only. If present, then a time
+ # series, which is identified partially by
+ # a metric type and a MonitoredResourceDescriptor, that is associated
+ # with this metric type can only be associated with one of the monitored
+ # resource types listed here.
+ # Corresponds to the JSON property `monitoredResourceTypes`
+ # @return [Array]
+ attr_accessor :monitored_resource_types
+
# The resource name of the metric descriptor.
# Corresponds to the JSON property `name`
# @return [String]
@@ -2496,6 +2505,7 @@ module Google
@launch_stage = args[:launch_stage] if args.key?(:launch_stage)
@metadata = args[:metadata] if args.key?(:metadata)
@metric_kind = args[:metric_kind] if args.key?(:metric_kind)
+ @monitored_resource_types = args[:monitored_resource_types] if args.key?(:monitored_resource_types)
@name = args[:name] if args.key?(:name)
@type = args[:type] if args.key?(:type)
@unit = args[:unit] if args.key?(:unit)
@@ -2514,8 +2524,7 @@ module Google
# @return [String]
attr_accessor :ingest_delay
- # Deprecated. Please use the MetricDescriptor.launch_stage instead.
- # The launch stage of the metric definition.
+ # Deprecated. Must use the MetricDescriptor.launch_stage instead.
# Corresponds to the JSON property `launchStage`
# @return [String]
attr_accessor :launch_stage
@@ -3054,7 +3063,7 @@ module Google
# `
# "bindings": [
# `
- # "role": "role/resourcemanager.organizationAdmin",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
@@ -3879,7 +3888,7 @@ module Google
# `
# "bindings": [
# `
- # "role": "role/resourcemanager.organizationAdmin",
+ # "role": "roles/resourcemanager.organizationAdmin",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
diff --git a/generated/google/apis/servicemanagement_v1/representations.rb b/generated/google/apis/servicemanagement_v1/representations.rb
index 352f2ee2c..1f76c4a92 100644
--- a/generated/google/apis/servicemanagement_v1/representations.rb
+++ b/generated/google/apis/servicemanagement_v1/representations.rb
@@ -1054,6 +1054,7 @@ module Google
property :metadata, as: 'metadata', class: Google::Apis::ServicemanagementV1::MetricDescriptorMetadata, decorator: Google::Apis::ServicemanagementV1::MetricDescriptorMetadata::Representation
property :metric_kind, as: 'metricKind'
+ collection :monitored_resource_types, as: 'monitoredResourceTypes'
property :name, as: 'name'
property :type, as: 'type'
property :unit, as: 'unit'