Autogenerated update (2019-10-05)

Update: - clouderrorreporting_v1beta1 - cloudfunctions_v1 - cloudresourcemanager_v1 - cloudresourcemanager_v1beta1 - cloudresourcemanager_v2beta1 - drive_v2 - drive_v3 - pubsub_v1 - pubsub_v1beta2 - servicebroker_v1 - servicebroker_v1alpha1 - servicebroker_v1beta1 - servicemanagement_v1
2019-10-05 00:37:55 +00:00 · 2019-10-05 00:37:55 +00:00 · d41eae9c49
parent 112efade69
commit d41eae9c49
28 changed files with 437 additions and 218 deletions
--- a/generated/google/apis/clouderrorreporting_v1beta1.rb
+++ b/generated/google/apis/clouderrorreporting_v1beta1.rb
@ -26,7 +26,7 @@ module Google
    # @see https://cloud.google.com/error-reporting/
    module ClouderrorreportingV1beta1
      VERSION = 'V1beta1'
-      REVISION = '20190411'
+      REVISION = '20190925'
      # View and manage your data across Google Cloud Platform services
      AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
--- a/generated/google/apis/clouderrorreporting_v1beta1/classes.rb
+++ b/generated/google/apis/clouderrorreporting_v1beta1/classes.rb
@ -406,14 +406,14 @@ module Google
        # @return [Google::Apis::ClouderrorreportingV1beta1::ErrorContext]
        attr_accessor :context
-        # [Optional] Time when the event occurred.
+        # Optional. Time when the event occurred.
        # If not provided, the time when the event was received by the
        # Error Reporting system will be used.
        # Corresponds to the JSON property `eventTime`
        # @return [String]
        attr_accessor :event_time
-        # [Required] The error message.
+        # Required. The error message.
        # If no `context.reportLocation` is provided, the message must contain a
        # header (typically consisting of the exception type name and an error
        # message) and an exception stack trace in one of the supported programming
--- a/generated/google/apis/clouderrorreporting_v1beta1/service.rb
+++ b/generated/google/apis/clouderrorreporting_v1beta1/service.rb
@ -50,7 +50,7 @@ module Google
        # Deletes all error events of a given project.
        # @param [String] project_name
-        #   [Required] The resource name of the Google Cloud Platform project. Written
+        #   Required. The resource name of the Google Cloud Platform project. Written
        #   as `projects/` plus the
        #   [Google Cloud Platform project
        #   ID](https://support.google.com/cloud/answer/6158840).
@ -84,27 +84,27 @@ module Google
        # Lists the specified events.
        # @param [String] project_name
-        #   [Required] The resource name of the Google Cloud Platform project. Written
+        #   Required. The resource name of the Google Cloud Platform project. Written
        #   as `projects/` plus the
        #   [Google Cloud Platform project
        #   ID](https://support.google.com/cloud/answer/6158840).
        #   Example: `projects/my-project-123`.
        # @param [String] group_id
-        #   [Required] The group for which events shall be returned.
+        #   Required. The group for which events shall be returned.
        # @param [Fixnum] page_size
-        #   [Optional] The maximum number of results to return per response.
+        #   Optional. The maximum number of results to return per response.
        # @param [String] page_token
-        #   [Optional] A `next_page_token` provided by a previous response.
+        #   Optional. A `next_page_token` provided by a previous response.
        # @param [String] service_filter_resource_type
-        #   [Optional] The exact value to match against
+        #   Optional. The exact value to match against
        #   [`ServiceContext.resource_type`](/error-reporting/reference/rest/v1beta1/
        #   ServiceContext#FIELDS.resource_type).
        # @param [String] service_filter_service
-        #   [Optional] The exact value to match against
+        #   Optional. The exact value to match against
        #   [`ServiceContext.service`](/error-reporting/reference/rest/v1beta1/
        #   ServiceContext#FIELDS.service).
        # @param [String] service_filter_version
-        #   [Optional] The exact value to match against
+        #   Optional. The exact value to match against
        #   [`ServiceContext.version`](/error-reporting/reference/rest/v1beta1/
        #   ServiceContext#FIELDS.version).
        # @param [String] time_range_period
@ -152,7 +152,7 @@ module Google
        # https://clouderrorreporting.googleapis.com/v1beta1/projects/example-project/
        # events:report?key=123ABC456`
        # @param [String] project_name
-        #   [Required] The resource name of the Google Cloud Platform project. Written
+        #   Required. The resource name of the Google Cloud Platform project. Written
        #   as `projects/` plus the
        #   [Google Cloud Platform project
        #   ID](https://support.google.com/cloud/answer/6158840). Example:
@ -189,45 +189,45 @@ module Google
        # Lists the specified groups.
        # @param [String] project_name
-        #   [Required] The resource name of the Google Cloud Platform project. Written
+        #   Required. The resource name of the Google Cloud Platform project. Written
        #   as <code>projects/</code> plus the
        #   <a href="https://support.google.com/cloud/answer/6158840">Google Cloud
        #   Platform project ID</a>.
        #   Example: <code>projects/my-project-123</code>.
        # @param [String] alignment
-        #   [Optional] The alignment of the timed counts to be returned.
+        #   Optional. The alignment of the timed counts to be returned.
        #   Default is `ALIGNMENT_EQUAL_AT_END`.
        # @param [String] alignment_time
-        #   [Optional] Time where the timed counts shall be aligned if rounded
+        #   Optional. Time where the timed counts shall be aligned if rounded
        #   alignment is chosen. Default is 00:00 UTC.
        # @param [Array<String>, String] group_id
-        #   [Optional] List all <code>ErrorGroupStats</code> with these IDs.
+        #   Optional. List all <code>ErrorGroupStats</code> with these IDs.
        # @param [String] order
-        #   [Optional] The sort order in which the results are returned.
+        #   Optional. The sort order in which the results are returned.
        #   Default is `COUNT_DESC`.
        # @param [Fixnum] page_size
-        #   [Optional] The maximum number of results to return per response.
+        #   Optional. The maximum number of results to return per response.
        #   Default is 20.
        # @param [String] page_token
-        #   [Optional] A `next_page_token` provided by a previous response. To view
+        #   Optional. A `next_page_token` provided by a previous response. To view
        #   additional results, pass this token along with the identical query
        #   parameters as the first request.
        # @param [String] service_filter_resource_type
-        #   [Optional] The exact value to match against
+        #   Optional. The exact value to match against
        #   [`ServiceContext.resource_type`](/error-reporting/reference/rest/v1beta1/
        #   ServiceContext#FIELDS.resource_type).
        # @param [String] service_filter_service
-        #   [Optional] The exact value to match against
+        #   Optional. The exact value to match against
        #   [`ServiceContext.service`](/error-reporting/reference/rest/v1beta1/
        #   ServiceContext#FIELDS.service).
        # @param [String] service_filter_version
-        #   [Optional] The exact value to match against
+        #   Optional. The exact value to match against
        #   [`ServiceContext.version`](/error-reporting/reference/rest/v1beta1/
        #   ServiceContext#FIELDS.version).
        # @param [String] time_range_period
        #   Restricts the query to the specified time range.
        # @param [String] timed_count_duration
-        #   [Optional] The preferred duration for a single returned `TimedCount`.
+        #   Optional. The preferred duration for a single returned `TimedCount`.
        #   If not set, no timed counts are returned.
        # @param [String] fields
        #   Selector specifying which fields to include in a partial response.
@ -269,7 +269,7 @@ module Google
        # Get the specified group.
        # @param [String] group_name
-        #   [Required] The group resource name. Written as
+        #   Required. The group resource name. Written as
        #   <code>projects/<var>projectID</var>/groups/<var>group_name</var></code>.
        #   Call
        #   <a href="/error-reporting/reference/rest/v1beta1/projects.groupStats/list">
--- a/generated/google/apis/cloudfunctions_v1.rb
+++ b/generated/google/apis/cloudfunctions_v1.rb
@ -25,7 +25,7 @@ module Google
    # @see https://cloud.google.com/functions
    module CloudfunctionsV1
      VERSION = 'V1'
-      REVISION = '20190917'
+      REVISION = '20190923'
      # View and manage your data across Google Cloud Platform services
      AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
--- a/generated/google/apis/cloudfunctions_v1/classes.rb
+++ b/generated/google/apis/cloudfunctions_v1/classes.rb
@ -923,25 +923,34 @@ module Google
      # Defines an Identity and Access Management (IAM) policy. It is used to
      # specify access control policies for Cloud Platform resources.
-      # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-      # `members` to a `role`, where the members can be user accounts, Google groups,
+      # `members` to a single `role`. Members can be user accounts, service accounts,
-      # Google domains, and service accounts. A `role` is a named list of permissions
+      # Google groups, and domains (such as G Suite). A `role` is a named list of
-      # defined by IAM.
+      # permissions (defined by IAM or configured by users). A `binding` can
      # optionally specify a `condition`, which is a logic expression that further
      # constrains the role binding based on attributes about the request and/or
      # target resource.
      # **JSON Example**
      # `
      # "bindings": [
      # `
-      # "role": "roles/owner",
+      # "role": "roles/resourcemanager.organizationAdmin",
      # "members": [
      # "user:mike@example.com",
      # "group:admins@example.com",
      # "domain:google.com",
-      # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+      # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
      # ]
      # `,
      # `
-      # "role": "roles/viewer",
+      # "role": "roles/resourcemanager.organizationViewer",
-      # "members": ["user:sean@example.com"]
+      # "members": ["user:eve@example.com"],
      # "condition": `
      # "title": "expirable access",
      # "description": "Does not grant access after Sep 2020",
      # "expression": "request.time <
      # timestamp('2020-10-01T00:00:00.000Z')",
      # `
      # `
      # ]
      # `
@ -951,11 +960,15 @@ module Google
      # - user:mike@example.com
      # - group:admins@example.com
      # - domain:google.com
-      # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+      # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-      # role: roles/owner
+      # role: roles/resourcemanager.organizationAdmin
      # - members:
-      # - user:sean@example.com
+      # - user:eve@example.com
-      # role: roles/viewer
+      # role: roles/resourcemanager.organizationViewer
      # condition:
      # title: expirable access
      # description: Does not grant access after Sep 2020
      # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
      # For a description of IAM and its features, see the
      # [IAM developer's guide](https://cloud.google.com/iam/docs).
      class Policy
@ -966,7 +979,8 @@ module Google
        # @return [Array<Google::Apis::CloudfunctionsV1::AuditConfig>]
        attr_accessor :audit_configs
-        # Associates a list of `members` to a `role`.
+        # Associates a list of `members` to a `role`. Optionally may specify a
        # `condition` that determines when binding is in effect.
        # `bindings` with no members will result in an error.
        # Corresponds to the JSON property `bindings`
        # @return [Array<Google::Apis::CloudfunctionsV1::Binding>]
@ -980,7 +994,9 @@ module Google
        # systems are expected to put that etag in the request to `setIamPolicy` to
        # ensure that their change will be applied to the same version of the policy.
        # If no `etag` is provided in the call to `setIamPolicy`, then the existing
-        # policy is overwritten.
+        # policy is overwritten. Due to blind-set semantics of an etag-less policy,
        # 'setIamPolicy' will not fail even if either of incoming or stored policy
        # does not meet the version requirements.
        # Corresponds to the JSON property `etag`
        # NOTE: Values are automatically base64 encoded/decoded in the client library.
        # @return [String]
@ -989,9 +1005,13 @@ module Google
        # Specifies the format of the policy.
        # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
        # rejected.
-        # Policies with any conditional bindings must specify version 3. Policies
+        # Operations affecting conditional bindings must specify version 3. This can
-        # without any conditional bindings may specify any valid value or leave the
+        # be either setting a conditional policy, modifying a conditional binding,
-        # field unset.
+        # or removing a conditional binding from the stored conditional policy.
        # Operations on non-conditional policies may specify any valid value or
        # leave the field unset.
        # If no etag is provided in the call to `setIamPolicy`, any version
        # compliance checks on the incoming and/or stored policy is skipped.
        # Corresponds to the JSON property `version`
        # @return [Fixnum]
        attr_accessor :version
@ -1032,25 +1052,34 @@ module Google
        # Defines an Identity and Access Management (IAM) policy. It is used to
        # specify access control policies for Cloud Platform resources.
-        # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
+        # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-        # `members` to a `role`, where the members can be user accounts, Google groups,
+        # `members` to a single `role`. Members can be user accounts, service accounts,
-        # Google domains, and service accounts. A `role` is a named list of permissions
+        # Google groups, and domains (such as G Suite). A `role` is a named list of
-        # defined by IAM.
+        # permissions (defined by IAM or configured by users). A `binding` can
        # optionally specify a `condition`, which is a logic expression that further
        # constrains the role binding based on attributes about the request and/or
        # target resource.
        # **JSON Example**
        # `
        # "bindings": [
        # `
-        # "role": "roles/owner",
+        # "role": "roles/resourcemanager.organizationAdmin",
        # "members": [
        # "user:mike@example.com",
        # "group:admins@example.com",
        # "domain:google.com",
-        # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+        # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
        # ]
        # `,
        # `
-        # "role": "roles/viewer",
+        # "role": "roles/resourcemanager.organizationViewer",
-        # "members": ["user:sean@example.com"]
+        # "members": ["user:eve@example.com"],
        # "condition": `
        # "title": "expirable access",
        # "description": "Does not grant access after Sep 2020",
        # "expression": "request.time <
        # timestamp('2020-10-01T00:00:00.000Z')",
        # `
        # `
        # ]
        # `
@ -1060,11 +1089,15 @@ module Google
        # - user:mike@example.com
        # - group:admins@example.com
        # - domain:google.com
-        # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+        # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-        # role: roles/owner
+        # role: roles/resourcemanager.organizationAdmin
        # - members:
-        # - user:sean@example.com
+        # - user:eve@example.com
-        # role: roles/viewer
+        # role: roles/resourcemanager.organizationViewer
        # condition:
        # title: expirable access
        # description: Does not grant access after Sep 2020
        # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
        # For a description of IAM and its features, see the
        # [IAM developer's guide](https://cloud.google.com/iam/docs).
        # Corresponds to the JSON property `policy`
--- a/generated/google/apis/cloudresourcemanager_v1.rb
+++ b/generated/google/apis/cloudresourcemanager_v1.rb
@ -26,7 +26,7 @@ module Google
    # @see https://cloud.google.com/resource-manager
    module CloudresourcemanagerV1
      VERSION = 'V1'
-      REVISION = '20190830'
+      REVISION = '20190927'
      # View and manage your data across Google Cloud Platform services
      AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
--- a/generated/google/apis/cloudresourcemanager_v1/classes.rb
+++ b/generated/google/apis/cloudresourcemanager_v1/classes.rb
@ -1291,25 +1291,34 @@ module Google
      # Defines an Identity and Access Management (IAM) policy. It is used to
      # specify access control policies for Cloud Platform resources.
-      # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-      # `members` to a `role`, where the members can be user accounts, Google groups,
+      # `members` to a single `role`. Members can be user accounts, service accounts,
-      # Google domains, and service accounts. A `role` is a named list of permissions
+      # Google groups, and domains (such as G Suite). A `role` is a named list of
-      # defined by IAM.
+      # permissions (defined by IAM or configured by users). A `binding` can
      # optionally specify a `condition`, which is a logic expression that further
      # constrains the role binding based on attributes about the request and/or
      # target resource.
      # **JSON Example**
      # `
      # "bindings": [
      # `
-      # "role": "roles/owner",
+      # "role": "roles/resourcemanager.organizationAdmin",
      # "members": [
      # "user:mike@example.com",
      # "group:admins@example.com",
      # "domain:google.com",
-      # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+      # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
      # ]
      # `,
      # `
-      # "role": "roles/viewer",
+      # "role": "roles/resourcemanager.organizationViewer",
-      # "members": ["user:sean@example.com"]
+      # "members": ["user:eve@example.com"],
      # "condition": `
      # "title": "expirable access",
      # "description": "Does not grant access after Sep 2020",
      # "expression": "request.time <
      # timestamp('2020-10-01T00:00:00.000Z')",
      # `
      # `
      # ]
      # `
@ -1319,11 +1328,15 @@ module Google
      # - user:mike@example.com
      # - group:admins@example.com
      # - domain:google.com
-      # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+      # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-      # role: roles/owner
+      # role: roles/resourcemanager.organizationAdmin
      # - members:
-      # - user:sean@example.com
+      # - user:eve@example.com
-      # role: roles/viewer
+      # role: roles/resourcemanager.organizationViewer
      # condition:
      # title: expirable access
      # description: Does not grant access after Sep 2020
      # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
      # For a description of IAM and its features, see the
      # [IAM developer's guide](https://cloud.google.com/iam/docs).
      class Policy
@ -1334,7 +1347,8 @@ module Google
        # @return [Array<Google::Apis::CloudresourcemanagerV1::AuditConfig>]
        attr_accessor :audit_configs
-        # Associates a list of `members` to a `role`.
+        # Associates a list of `members` to a `role`. Optionally may specify a
        # `condition` that determines when binding is in effect.
        # `bindings` with no members will result in an error.
        # Corresponds to the JSON property `bindings`
        # @return [Array<Google::Apis::CloudresourcemanagerV1::Binding>]
@ -1348,7 +1362,9 @@ module Google
        # systems are expected to put that etag in the request to `setIamPolicy` to
        # ensure that their change will be applied to the same version of the policy.
        # If no `etag` is provided in the call to `setIamPolicy`, then the existing
-        # policy is overwritten.
+        # policy is overwritten. Due to blind-set semantics of an etag-less policy,
        # 'setIamPolicy' will not fail even if either of incoming or stored policy
        # does not meet the version requirements.
        # Corresponds to the JSON property `etag`
        # NOTE: Values are automatically base64 encoded/decoded in the client library.
        # @return [String]
@ -1357,9 +1373,13 @@ module Google
        # Specifies the format of the policy.
        # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
        # rejected.
-        # Policies with any conditional bindings must specify version 3. Policies
+        # Operations affecting conditional bindings must specify version 3. This can
-        # without any conditional bindings may specify any valid value or leave the
+        # be either setting a conditional policy, modifying a conditional binding,
-        # field unset.
+        # or removing a conditional binding from the stored conditional policy.
        # Operations on non-conditional policies may specify any valid value or
        # leave the field unset.
        # If no etag is provided in the call to `setIamPolicy`, any version
        # compliance checks on the incoming and/or stored policy is skipped.
        # Corresponds to the JSON property `version`
        # @return [Fixnum]
        attr_accessor :version
@ -1512,7 +1532,7 @@ module Google
        attr_accessor :id
        # Required field representing the resource type this id is for.
-        # At present, the valid types are: "organization" and "folder".
+        # At present, the valid types are: "organization", "folder", and "project".
        # Corresponds to the JSON property `type`
        # @return [String]
        attr_accessor :type
@ -1629,25 +1649,34 @@ module Google
        # Defines an Identity and Access Management (IAM) policy. It is used to
        # specify access control policies for Cloud Platform resources.
-        # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
+        # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-        # `members` to a `role`, where the members can be user accounts, Google groups,
+        # `members` to a single `role`. Members can be user accounts, service accounts,
-        # Google domains, and service accounts. A `role` is a named list of permissions
+        # Google groups, and domains (such as G Suite). A `role` is a named list of
-        # defined by IAM.
+        # permissions (defined by IAM or configured by users). A `binding` can
        # optionally specify a `condition`, which is a logic expression that further
        # constrains the role binding based on attributes about the request and/or
        # target resource.
        # **JSON Example**
        # `
        # "bindings": [
        # `
-        # "role": "roles/owner",
+        # "role": "roles/resourcemanager.organizationAdmin",
        # "members": [
        # "user:mike@example.com",
        # "group:admins@example.com",
        # "domain:google.com",
-        # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+        # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
        # ]
        # `,
        # `
-        # "role": "roles/viewer",
+        # "role": "roles/resourcemanager.organizationViewer",
-        # "members": ["user:sean@example.com"]
+        # "members": ["user:eve@example.com"],
        # "condition": `
        # "title": "expirable access",
        # "description": "Does not grant access after Sep 2020",
        # "expression": "request.time <
        # timestamp('2020-10-01T00:00:00.000Z')",
        # `
        # `
        # ]
        # `
@ -1657,11 +1686,15 @@ module Google
        # - user:mike@example.com
        # - group:admins@example.com
        # - domain:google.com
-        # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+        # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-        # role: roles/owner
+        # role: roles/resourcemanager.organizationAdmin
        # - members:
-        # - user:sean@example.com
+        # - user:eve@example.com
-        # role: roles/viewer
+        # role: roles/resourcemanager.organizationViewer
        # condition:
        # title: expirable access
        # description: Does not grant access after Sep 2020
        # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
        # For a description of IAM and its features, see the
        # [IAM developer's guide](https://cloud.google.com/iam/docs).
        # Corresponds to the JSON property `policy`
--- a/generated/google/apis/cloudresourcemanager_v1beta1.rb
+++ b/generated/google/apis/cloudresourcemanager_v1beta1.rb
@ -26,7 +26,7 @@ module Google
    # @see https://cloud.google.com/resource-manager
    module CloudresourcemanagerV1beta1
      VERSION = 'V1beta1'
-      REVISION = '20190830'
+      REVISION = '20190927'
      # View and manage your data across Google Cloud Platform services
      AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
--- a/generated/google/apis/cloudresourcemanager_v1beta1/classes.rb
+++ b/generated/google/apis/cloudresourcemanager_v1beta1/classes.rb
@ -562,25 +562,34 @@ module Google
      # Defines an Identity and Access Management (IAM) policy. It is used to
      # specify access control policies for Cloud Platform resources.
-      # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-      # `members` to a `role`, where the members can be user accounts, Google groups,
+      # `members` to a single `role`. Members can be user accounts, service accounts,
-      # Google domains, and service accounts. A `role` is a named list of permissions
+      # Google groups, and domains (such as G Suite). A `role` is a named list of
-      # defined by IAM.
+      # permissions (defined by IAM or configured by users). A `binding` can
      # optionally specify a `condition`, which is a logic expression that further
      # constrains the role binding based on attributes about the request and/or
      # target resource.
      # **JSON Example**
      # `
      # "bindings": [
      # `
-      # "role": "roles/owner",
+      # "role": "roles/resourcemanager.organizationAdmin",
      # "members": [
      # "user:mike@example.com",
      # "group:admins@example.com",
      # "domain:google.com",
-      # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+      # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
      # ]
      # `,
      # `
-      # "role": "roles/viewer",
+      # "role": "roles/resourcemanager.organizationViewer",
-      # "members": ["user:sean@example.com"]
+      # "members": ["user:eve@example.com"],
      # "condition": `
      # "title": "expirable access",
      # "description": "Does not grant access after Sep 2020",
      # "expression": "request.time <
      # timestamp('2020-10-01T00:00:00.000Z')",
      # `
      # `
      # ]
      # `
@ -590,11 +599,15 @@ module Google
      # - user:mike@example.com
      # - group:admins@example.com
      # - domain:google.com
-      # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+      # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-      # role: roles/owner
+      # role: roles/resourcemanager.organizationAdmin
      # - members:
-      # - user:sean@example.com
+      # - user:eve@example.com
-      # role: roles/viewer
+      # role: roles/resourcemanager.organizationViewer
      # condition:
      # title: expirable access
      # description: Does not grant access after Sep 2020
      # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
      # For a description of IAM and its features, see the
      # [IAM developer's guide](https://cloud.google.com/iam/docs).
      class Policy
@ -605,7 +618,8 @@ module Google
        # @return [Array<Google::Apis::CloudresourcemanagerV1beta1::AuditConfig>]
        attr_accessor :audit_configs
-        # Associates a list of `members` to a `role`.
+        # Associates a list of `members` to a `role`. Optionally may specify a
        # `condition` that determines when binding is in effect.
        # `bindings` with no members will result in an error.
        # Corresponds to the JSON property `bindings`
        # @return [Array<Google::Apis::CloudresourcemanagerV1beta1::Binding>]
@ -619,7 +633,9 @@ module Google
        # systems are expected to put that etag in the request to `setIamPolicy` to
        # ensure that their change will be applied to the same version of the policy.
        # If no `etag` is provided in the call to `setIamPolicy`, then the existing
-        # policy is overwritten.
+        # policy is overwritten. Due to blind-set semantics of an etag-less policy,
        # 'setIamPolicy' will not fail even if either of incoming or stored policy
        # does not meet the version requirements.
        # Corresponds to the JSON property `etag`
        # NOTE: Values are automatically base64 encoded/decoded in the client library.
        # @return [String]
@ -628,9 +644,13 @@ module Google
        # Specifies the format of the policy.
        # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
        # rejected.
-        # Policies with any conditional bindings must specify version 3. Policies
+        # Operations affecting conditional bindings must specify version 3. This can
-        # without any conditional bindings may specify any valid value or leave the
+        # be either setting a conditional policy, modifying a conditional binding,
-        # field unset.
+        # or removing a conditional binding from the stored conditional policy.
        # Operations on non-conditional policies may specify any valid value or
        # leave the field unset.
        # If no etag is provided in the call to `setIamPolicy`, any version
        # compliance checks on the incoming and/or stored policy is skipped.
        # Corresponds to the JSON property `version`
        # @return [Fixnum]
        attr_accessor :version
@ -805,25 +825,34 @@ module Google
        # Defines an Identity and Access Management (IAM) policy. It is used to
        # specify access control policies for Cloud Platform resources.
-        # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
+        # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-        # `members` to a `role`, where the members can be user accounts, Google groups,
+        # `members` to a single `role`. Members can be user accounts, service accounts,
-        # Google domains, and service accounts. A `role` is a named list of permissions
+        # Google groups, and domains (such as G Suite). A `role` is a named list of
-        # defined by IAM.
+        # permissions (defined by IAM or configured by users). A `binding` can
        # optionally specify a `condition`, which is a logic expression that further
        # constrains the role binding based on attributes about the request and/or
        # target resource.
        # **JSON Example**
        # `
        # "bindings": [
        # `
-        # "role": "roles/owner",
+        # "role": "roles/resourcemanager.organizationAdmin",
        # "members": [
        # "user:mike@example.com",
        # "group:admins@example.com",
        # "domain:google.com",
-        # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+        # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
        # ]
        # `,
        # `
-        # "role": "roles/viewer",
+        # "role": "roles/resourcemanager.organizationViewer",
-        # "members": ["user:sean@example.com"]
+        # "members": ["user:eve@example.com"],
        # "condition": `
        # "title": "expirable access",
        # "description": "Does not grant access after Sep 2020",
        # "expression": "request.time <
        # timestamp('2020-10-01T00:00:00.000Z')",
        # `
        # `
        # ]
        # `
@ -833,11 +862,15 @@ module Google
        # - user:mike@example.com
        # - group:admins@example.com
        # - domain:google.com
-        # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+        # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-        # role: roles/owner
+        # role: roles/resourcemanager.organizationAdmin
        # - members:
-        # - user:sean@example.com
+        # - user:eve@example.com
-        # role: roles/viewer
+        # role: roles/resourcemanager.organizationViewer
        # condition:
        # title: expirable access
        # description: Does not grant access after Sep 2020
        # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
        # For a description of IAM and its features, see the
        # [IAM developer's guide](https://cloud.google.com/iam/docs).
        # Corresponds to the JSON property `policy`
--- a/generated/google/apis/cloudresourcemanager_v2beta1.rb
+++ b/generated/google/apis/cloudresourcemanager_v2beta1.rb
@ -26,7 +26,7 @@ module Google
    # @see https://cloud.google.com/resource-manager
    module CloudresourcemanagerV2beta1
      VERSION = 'V2beta1'
-      REVISION = '20190830'
+      REVISION = '20190927'
      # View and manage your data across Google Cloud Platform services
      AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
--- a/generated/google/apis/cloudresourcemanager_v2beta1/classes.rb
+++ b/generated/google/apis/cloudresourcemanager_v2beta1/classes.rb
@ -505,25 +505,34 @@ module Google
      # Defines an Identity and Access Management (IAM) policy. It is used to
      # specify access control policies for Cloud Platform resources.
-      # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-      # `members` to a `role`, where the members can be user accounts, Google groups,
+      # `members` to a single `role`. Members can be user accounts, service accounts,
-      # Google domains, and service accounts. A `role` is a named list of permissions
+      # Google groups, and domains (such as G Suite). A `role` is a named list of
-      # defined by IAM.
+      # permissions (defined by IAM or configured by users). A `binding` can
      # optionally specify a `condition`, which is a logic expression that further
      # constrains the role binding based on attributes about the request and/or
      # target resource.
      # **JSON Example**
      # `
      # "bindings": [
      # `
-      # "role": "roles/owner",
+      # "role": "roles/resourcemanager.organizationAdmin",
      # "members": [
      # "user:mike@example.com",
      # "group:admins@example.com",
      # "domain:google.com",
-      # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+      # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
      # ]
      # `,
      # `
-      # "role": "roles/viewer",
+      # "role": "roles/resourcemanager.organizationViewer",
-      # "members": ["user:sean@example.com"]
+      # "members": ["user:eve@example.com"],
      # "condition": `
      # "title": "expirable access",
      # "description": "Does not grant access after Sep 2020",
      # "expression": "request.time <
      # timestamp('2020-10-01T00:00:00.000Z')",
      # `
      # `
      # ]
      # `
@ -533,11 +542,15 @@ module Google
      # - user:mike@example.com
      # - group:admins@example.com
      # - domain:google.com
-      # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+      # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-      # role: roles/owner
+      # role: roles/resourcemanager.organizationAdmin
      # - members:
-      # - user:sean@example.com
+      # - user:eve@example.com
-      # role: roles/viewer
+      # role: roles/resourcemanager.organizationViewer
      # condition:
      # title: expirable access
      # description: Does not grant access after Sep 2020
      # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
      # For a description of IAM and its features, see the
      # [IAM developer's guide](https://cloud.google.com/iam/docs).
      class Policy
@ -548,7 +561,8 @@ module Google
        # @return [Array<Google::Apis::CloudresourcemanagerV2beta1::AuditConfig>]
        attr_accessor :audit_configs
-        # Associates a list of `members` to a `role`.
+        # Associates a list of `members` to a `role`. Optionally may specify a
        # `condition` that determines when binding is in effect.
        # `bindings` with no members will result in an error.
        # Corresponds to the JSON property `bindings`
        # @return [Array<Google::Apis::CloudresourcemanagerV2beta1::Binding>]
@ -562,7 +576,9 @@ module Google
        # systems are expected to put that etag in the request to `setIamPolicy` to
        # ensure that their change will be applied to the same version of the policy.
        # If no `etag` is provided in the call to `setIamPolicy`, then the existing
-        # policy is overwritten.
+        # policy is overwritten. Due to blind-set semantics of an etag-less policy,
        # 'setIamPolicy' will not fail even if either of incoming or stored policy
        # does not meet the version requirements.
        # Corresponds to the JSON property `etag`
        # NOTE: Values are automatically base64 encoded/decoded in the client library.
        # @return [String]
@ -571,9 +587,13 @@ module Google
        # Specifies the format of the policy.
        # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
        # rejected.
-        # Policies with any conditional bindings must specify version 3. Policies
+        # Operations affecting conditional bindings must specify version 3. This can
-        # without any conditional bindings may specify any valid value or leave the
+        # be either setting a conditional policy, modifying a conditional binding,
-        # field unset.
+        # or removing a conditional binding from the stored conditional policy.
        # Operations on non-conditional policies may specify any valid value or
        # leave the field unset.
        # If no etag is provided in the call to `setIamPolicy`, any version
        # compliance checks on the incoming and/or stored policy is skipped.
        # Corresponds to the JSON property `version`
        # @return [Fixnum]
        attr_accessor :version
@ -714,25 +734,34 @@ module Google
        # Defines an Identity and Access Management (IAM) policy. It is used to
        # specify access control policies for Cloud Platform resources.
-        # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
+        # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-        # `members` to a `role`, where the members can be user accounts, Google groups,
+        # `members` to a single `role`. Members can be user accounts, service accounts,
-        # Google domains, and service accounts. A `role` is a named list of permissions
+        # Google groups, and domains (such as G Suite). A `role` is a named list of
-        # defined by IAM.
+        # permissions (defined by IAM or configured by users). A `binding` can
        # optionally specify a `condition`, which is a logic expression that further
        # constrains the role binding based on attributes about the request and/or
        # target resource.
        # **JSON Example**
        # `
        # "bindings": [
        # `
-        # "role": "roles/owner",
+        # "role": "roles/resourcemanager.organizationAdmin",
        # "members": [
        # "user:mike@example.com",
        # "group:admins@example.com",
        # "domain:google.com",
-        # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+        # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
        # ]
        # `,
        # `
-        # "role": "roles/viewer",
+        # "role": "roles/resourcemanager.organizationViewer",
-        # "members": ["user:sean@example.com"]
+        # "members": ["user:eve@example.com"],
        # "condition": `
        # "title": "expirable access",
        # "description": "Does not grant access after Sep 2020",
        # "expression": "request.time <
        # timestamp('2020-10-01T00:00:00.000Z')",
        # `
        # `
        # ]
        # `
@ -742,11 +771,15 @@ module Google
        # - user:mike@example.com
        # - group:admins@example.com
        # - domain:google.com
-        # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+        # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-        # role: roles/owner
+        # role: roles/resourcemanager.organizationAdmin
        # - members:
-        # - user:sean@example.com
+        # - user:eve@example.com
-        # role: roles/viewer
+        # role: roles/resourcemanager.organizationViewer
        # condition:
        # title: expirable access
        # description: Does not grant access after Sep 2020
        # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
        # For a description of IAM and its features, see the
        # [IAM developer's guide](https://cloud.google.com/iam/docs).
        # Corresponds to the JSON property `policy`
--- a/generated/google/apis/drive_v2.rb
+++ b/generated/google/apis/drive_v2.rb
@ -26,7 +26,7 @@ module Google
    # @see https://developers.google.com/drive/
    module DriveV2
      VERSION = 'V2'
-      REVISION = '20190919'
+      REVISION = '20190926'
      # See, edit, create, and delete all of your Google Drive files
      AUTH_DRIVE = 'https://www.googleapis.com/auth/drive'
--- a/generated/google/apis/drive_v2/classes.rb
+++ b/generated/google/apis/drive_v2/classes.rb
@ -3416,6 +3416,8 @@ module Google
        # be populated and can only be modified on files with content stored in Drive
        # which are not Google Docs. Revisions can also be pinned when they are created
        # through the drive.files.insert/update/copy by using the pinned query parameter.
        # Pinned revisions are stored indefinitely using additional storage quota, up
        # to a maximum of 200 revisions.
        # Corresponds to the JSON property `pinned`
        # @return [Boolean]
        attr_accessor :pinned
--- a/generated/google/apis/drive_v3.rb
+++ b/generated/google/apis/drive_v3.rb
@ -26,7 +26,7 @@ module Google
    # @see https://developers.google.com/drive/
    module DriveV3
      VERSION = 'V3'
-      REVISION = '20190919'
+      REVISION = '20190926'
      # See, edit, create, and delete all of your Google Drive files
      AUTH_DRIVE = 'https://www.googleapis.com/auth/drive'
--- a/generated/google/apis/drive_v3/service.rb
+++ b/generated/google/apis/drive_v3/service.rb
@ -792,7 +792,9 @@ module Google
        #   Permissions are still inherited from parent folders.
        # @param [Boolean] keep_revision_forever
        #   Whether to set the 'keepForever' field in the new head revision. This is only
-        #   applicable to files with binary content in Google Drive.
+        #   applicable to files with binary content in Google Drive. Only 200 revisions
        #   for the file can be kept forever. If the limit is reached, try deleting pinned
        #   revisions.
        # @param [String] ocr_language
        #   A language hint for OCR processing during image import (ISO 639-1 code).
        # @param [Boolean] supports_all_drives
@ -847,7 +849,9 @@ module Google
        #   Permissions are still inherited from parent folders.
        # @param [Boolean] keep_revision_forever
        #   Whether to set the 'keepForever' field in the new head revision. This is only
-        #   applicable to files with binary content in Google Drive.
+        #   applicable to files with binary content in Google Drive. Only 200 revisions
        #   for the file can be kept forever. If the limit is reached, try deleting pinned
        #   revisions.
        # @param [String] ocr_language
        #   A language hint for OCR processing during image import (ISO 639-1 code).
        # @param [Boolean] supports_all_drives
@ -1199,7 +1203,9 @@ module Google
        #   A comma-separated list of parent IDs to add.
        # @param [Boolean] keep_revision_forever
        #   Whether to set the 'keepForever' field in the new head revision. This is only
-        #   applicable to files with binary content in Google Drive.
+        #   applicable to files with binary content in Google Drive. Only 200 revisions
        #   for the file can be kept forever. If the limit is reached, try deleting pinned
        #   revisions.
        # @param [String] ocr_language
        #   A language hint for OCR processing during image import (ISO 639-1 code).
        # @param [String] remove_parents
--- a/generated/google/apis/pubsub_v1.rb
+++ b/generated/google/apis/pubsub_v1.rb
@ -25,7 +25,7 @@ module Google
    # @see https://cloud.google.com/pubsub/docs
    module PubsubV1
      VERSION = 'V1'
-      REVISION = '20190826'
+      REVISION = '20190923'
      # View and manage your data across Google Cloud Platform services
      AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
--- a/generated/google/apis/pubsub_v1/classes.rb
+++ b/generated/google/apis/pubsub_v1/classes.rb
@ -460,25 +460,34 @@ module Google
      # Defines an Identity and Access Management (IAM) policy. It is used to
      # specify access control policies for Cloud Platform resources.
-      # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-      # `members` to a `role`, where the members can be user accounts, Google groups,
+      # `members` to a single `role`. Members can be user accounts, service accounts,
-      # Google domains, and service accounts. A `role` is a named list of permissions
+      # Google groups, and domains (such as G Suite). A `role` is a named list of
-      # defined by IAM.
+      # permissions (defined by IAM or configured by users). A `binding` can
      # optionally specify a `condition`, which is a logic expression that further
      # constrains the role binding based on attributes about the request and/or
      # target resource.
      # **JSON Example**
      # `
      # "bindings": [
      # `
-      # "role": "roles/owner",
+      # "role": "roles/resourcemanager.organizationAdmin",
      # "members": [
      # "user:mike@example.com",
      # "group:admins@example.com",
      # "domain:google.com",
-      # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+      # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
      # ]
      # `,
      # `
-      # "role": "roles/viewer",
+      # "role": "roles/resourcemanager.organizationViewer",
-      # "members": ["user:sean@example.com"]
+      # "members": ["user:eve@example.com"],
      # "condition": `
      # "title": "expirable access",
      # "description": "Does not grant access after Sep 2020",
      # "expression": "request.time <
      # timestamp('2020-10-01T00:00:00.000Z')",
      # `
      # `
      # ]
      # `
@ -488,17 +497,22 @@ module Google
      # - user:mike@example.com
      # - group:admins@example.com
      # - domain:google.com
-      # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+      # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-      # role: roles/owner
+      # role: roles/resourcemanager.organizationAdmin
      # - members:
-      # - user:sean@example.com
+      # - user:eve@example.com
-      # role: roles/viewer
+      # role: roles/resourcemanager.organizationViewer
      # condition:
      # title: expirable access
      # description: Does not grant access after Sep 2020
      # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
      # For a description of IAM and its features, see the
      # [IAM developer's guide](https://cloud.google.com/iam/docs).
      class Policy
        include Google::Apis::Core::Hashable
-        # Associates a list of `members` to a `role`.
+        # Associates a list of `members` to a `role`. Optionally may specify a
        # `condition` that determines when binding is in effect.
        # `bindings` with no members will result in an error.
        # Corresponds to the JSON property `bindings`
        # @return [Array<Google::Apis::PubsubV1::Binding>]
@ -512,7 +526,9 @@ module Google
        # systems are expected to put that etag in the request to `setIamPolicy` to
        # ensure that their change will be applied to the same version of the policy.
        # If no `etag` is provided in the call to `setIamPolicy`, then the existing
-        # policy is overwritten.
+        # policy is overwritten. Due to blind-set semantics of an etag-less policy,
        # 'setIamPolicy' will not fail even if either of incoming or stored policy
        # does not meet the version requirements.
        # Corresponds to the JSON property `etag`
        # NOTE: Values are automatically base64 encoded/decoded in the client library.
        # @return [String]
@ -521,9 +537,13 @@ module Google
        # Specifies the format of the policy.
        # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
        # rejected.
-        # Policies with any conditional bindings must specify version 3. Policies
+        # Operations affecting conditional bindings must specify version 3. This can
-        # without any conditional bindings may specify any valid value or leave the
+        # be either setting a conditional policy, modifying a conditional binding,
-        # field unset.
+        # or removing a conditional binding from the stored conditional policy.
        # Operations on non-conditional policies may specify any valid value or
        # leave the field unset.
        # If no etag is provided in the call to `setIamPolicy`, any version
        # compliance checks on the incoming and/or stored policy is skipped.
        # Corresponds to the JSON property `version`
        # @return [Fixnum]
        attr_accessor :version
@ -821,25 +841,34 @@ module Google
        # Defines an Identity and Access Management (IAM) policy. It is used to
        # specify access control policies for Cloud Platform resources.
-        # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
+        # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-        # `members` to a `role`, where the members can be user accounts, Google groups,
+        # `members` to a single `role`. Members can be user accounts, service accounts,
-        # Google domains, and service accounts. A `role` is a named list of permissions
+        # Google groups, and domains (such as G Suite). A `role` is a named list of
-        # defined by IAM.
+        # permissions (defined by IAM or configured by users). A `binding` can
        # optionally specify a `condition`, which is a logic expression that further
        # constrains the role binding based on attributes about the request and/or
        # target resource.
        # **JSON Example**
        # `
        # "bindings": [
        # `
-        # "role": "roles/owner",
+        # "role": "roles/resourcemanager.organizationAdmin",
        # "members": [
        # "user:mike@example.com",
        # "group:admins@example.com",
        # "domain:google.com",
-        # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+        # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
        # ]
        # `,
        # `
-        # "role": "roles/viewer",
+        # "role": "roles/resourcemanager.organizationViewer",
-        # "members": ["user:sean@example.com"]
+        # "members": ["user:eve@example.com"],
        # "condition": `
        # "title": "expirable access",
        # "description": "Does not grant access after Sep 2020",
        # "expression": "request.time <
        # timestamp('2020-10-01T00:00:00.000Z')",
        # `
        # `
        # ]
        # `
@ -849,11 +878,15 @@ module Google
        # - user:mike@example.com
        # - group:admins@example.com
        # - domain:google.com
-        # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+        # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-        # role: roles/owner
+        # role: roles/resourcemanager.organizationAdmin
        # - members:
-        # - user:sean@example.com
+        # - user:eve@example.com
-        # role: roles/viewer
+        # role: roles/resourcemanager.organizationViewer
        # condition:
        # title: expirable access
        # description: Does not grant access after Sep 2020
        # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
        # For a description of IAM and its features, see the
        # [IAM developer's guide](https://cloud.google.com/iam/docs).
        # Corresponds to the JSON property `policy`
--- a/generated/google/apis/pubsub_v1beta2.rb
+++ b/generated/google/apis/pubsub_v1beta2.rb
@ -25,7 +25,7 @@ module Google
    # @see https://cloud.google.com/pubsub/docs
    module PubsubV1beta2
      VERSION = 'V1beta2'
-      REVISION = '20190826'
+      REVISION = '20190923'
      # View and manage your data across Google Cloud Platform services
      AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
--- a/generated/google/apis/pubsub_v1beta2/classes.rb
+++ b/generated/google/apis/pubsub_v1beta2/classes.rb
@ -329,25 +329,34 @@ module Google
      # Defines an Identity and Access Management (IAM) policy. It is used to
      # specify access control policies for Cloud Platform resources.
-      # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-      # `members` to a `role`, where the members can be user accounts, Google groups,
+      # `members` to a single `role`. Members can be user accounts, service accounts,
-      # Google domains, and service accounts. A `role` is a named list of permissions
+      # Google groups, and domains (such as G Suite). A `role` is a named list of
-      # defined by IAM.
+      # permissions (defined by IAM or configured by users). A `binding` can
      # optionally specify a `condition`, which is a logic expression that further
      # constrains the role binding based on attributes about the request and/or
      # target resource.
      # **JSON Example**
      # `
      # "bindings": [
      # `
-      # "role": "roles/owner",
+      # "role": "roles/resourcemanager.organizationAdmin",
      # "members": [
      # "user:mike@example.com",
      # "group:admins@example.com",
      # "domain:google.com",
-      # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+      # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
      # ]
      # `,
      # `
-      # "role": "roles/viewer",
+      # "role": "roles/resourcemanager.organizationViewer",
-      # "members": ["user:sean@example.com"]
+      # "members": ["user:eve@example.com"],
      # "condition": `
      # "title": "expirable access",
      # "description": "Does not grant access after Sep 2020",
      # "expression": "request.time <
      # timestamp('2020-10-01T00:00:00.000Z')",
      # `
      # `
      # ]
      # `
@ -357,17 +366,22 @@ module Google
      # - user:mike@example.com
      # - group:admins@example.com
      # - domain:google.com
-      # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+      # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-      # role: roles/owner
+      # role: roles/resourcemanager.organizationAdmin
      # - members:
-      # - user:sean@example.com
+      # - user:eve@example.com
-      # role: roles/viewer
+      # role: roles/resourcemanager.organizationViewer
      # condition:
      # title: expirable access
      # description: Does not grant access after Sep 2020
      # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
      # For a description of IAM and its features, see the
      # [IAM developer's guide](https://cloud.google.com/iam/docs).
      class Policy
        include Google::Apis::Core::Hashable
-        # Associates a list of `members` to a `role`.
+        # Associates a list of `members` to a `role`. Optionally may specify a
        # `condition` that determines when binding is in effect.
        # `bindings` with no members will result in an error.
        # Corresponds to the JSON property `bindings`
        # @return [Array<Google::Apis::PubsubV1beta2::Binding>]
@ -381,7 +395,9 @@ module Google
        # systems are expected to put that etag in the request to `setIamPolicy` to
        # ensure that their change will be applied to the same version of the policy.
        # If no `etag` is provided in the call to `setIamPolicy`, then the existing
-        # policy is overwritten.
+        # policy is overwritten. Due to blind-set semantics of an etag-less policy,
        # 'setIamPolicy' will not fail even if either of incoming or stored policy
        # does not meet the version requirements.
        # Corresponds to the JSON property `etag`
        # NOTE: Values are automatically base64 encoded/decoded in the client library.
        # @return [String]
@ -390,9 +406,13 @@ module Google
        # Specifies the format of the policy.
        # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
        # rejected.
-        # Policies with any conditional bindings must specify version 3. Policies
+        # Operations affecting conditional bindings must specify version 3. This can
-        # without any conditional bindings may specify any valid value or leave the
+        # be either setting a conditional policy, modifying a conditional binding,
-        # field unset.
+        # or removing a conditional binding from the stored conditional policy.
        # Operations on non-conditional policies may specify any valid value or
        # leave the field unset.
        # If no etag is provided in the call to `setIamPolicy`, any version
        # compliance checks on the incoming and/or stored policy is skipped.
        # Corresponds to the JSON property `version`
        # @return [Fixnum]
        attr_accessor :version
@ -629,25 +649,34 @@ module Google
        # Defines an Identity and Access Management (IAM) policy. It is used to
        # specify access control policies for Cloud Platform resources.
-        # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
+        # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-        # `members` to a `role`, where the members can be user accounts, Google groups,
+        # `members` to a single `role`. Members can be user accounts, service accounts,
-        # Google domains, and service accounts. A `role` is a named list of permissions
+        # Google groups, and domains (such as G Suite). A `role` is a named list of
-        # defined by IAM.
+        # permissions (defined by IAM or configured by users). A `binding` can
        # optionally specify a `condition`, which is a logic expression that further
        # constrains the role binding based on attributes about the request and/or
        # target resource.
        # **JSON Example**
        # `
        # "bindings": [
        # `
-        # "role": "roles/owner",
+        # "role": "roles/resourcemanager.organizationAdmin",
        # "members": [
        # "user:mike@example.com",
        # "group:admins@example.com",
        # "domain:google.com",
-        # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+        # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
        # ]
        # `,
        # `
-        # "role": "roles/viewer",
+        # "role": "roles/resourcemanager.organizationViewer",
-        # "members": ["user:sean@example.com"]
+        # "members": ["user:eve@example.com"],
        # "condition": `
        # "title": "expirable access",
        # "description": "Does not grant access after Sep 2020",
        # "expression": "request.time <
        # timestamp('2020-10-01T00:00:00.000Z')",
        # `
        # `
        # ]
        # `
@ -657,11 +686,15 @@ module Google
        # - user:mike@example.com
        # - group:admins@example.com
        # - domain:google.com
-        # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+        # - serviceAccount:my-project-id@appspot.gserviceaccount.com
-        # role: roles/owner
+        # role: roles/resourcemanager.organizationAdmin
        # - members:
-        # - user:sean@example.com
+        # - user:eve@example.com
-        # role: roles/viewer
+        # role: roles/resourcemanager.organizationViewer
        # condition:
        # title: expirable access
        # description: Does not grant access after Sep 2020
        # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
        # For a description of IAM and its features, see the
        # [IAM developer's guide](https://cloud.google.com/iam/docs).
        # Corresponds to the JSON property `policy`
--- a/generated/google/apis/servicebroker_v1.rb
+++ b/generated/google/apis/servicebroker_v1.rb
@ -27,7 +27,7 @@ module Google
    # @see https://cloud.google.com/kubernetes-engine/docs/concepts/add-on/service-broker
    module ServicebrokerV1
      VERSION = 'V1'
-      REVISION = '20190924'
+      REVISION = '20190930'
      # View and manage your data across Google Cloud Platform services
      AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
--- a/generated/google/apis/servicebroker_v1/service.rb
+++ b/generated/google/apis/servicebroker_v1/service.rb
@ -92,6 +92,7 @@ module Google
        # Sets the access control policy on the specified resource. Replaces any
        # existing policy.
        # Can return Public Errors: NOT_FOUND, INVALID_ARGUMENT and PERMISSION_DENIED
        # @param [String] resource
        #   REQUIRED: The resource for which the policy is being specified.
        #   See the operation documentation for the appropriate value for this field.
--- a/generated/google/apis/servicebroker_v1alpha1.rb
+++ b/generated/google/apis/servicebroker_v1alpha1.rb
@ -27,7 +27,7 @@ module Google
    # @see https://cloud.google.com/kubernetes-engine/docs/concepts/add-on/service-broker
    module ServicebrokerV1alpha1
      VERSION = 'V1alpha1'
-      REVISION = '20190924'
+      REVISION = '20190930'
      # View and manage your data across Google Cloud Platform services
      AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
--- a/generated/google/apis/servicebroker_v1alpha1/service.rb
+++ b/generated/google/apis/servicebroker_v1alpha1/service.rb
@ -652,6 +652,7 @@ module Google
        # Sets the access control policy on the specified resource. Replaces any
        # existing policy.
        # Can return Public Errors: NOT_FOUND, INVALID_ARGUMENT and PERMISSION_DENIED
        # @param [String] resource
        #   REQUIRED: The resource for which the policy is being specified.
        #   See the operation documentation for the appropriate value for this field.
--- a/generated/google/apis/servicebroker_v1beta1.rb
+++ b/generated/google/apis/servicebroker_v1beta1.rb
@ -27,7 +27,7 @@ module Google
    # @see https://cloud.google.com/kubernetes-engine/docs/concepts/add-on/service-broker
    module ServicebrokerV1beta1
      VERSION = 'V1beta1'
-      REVISION = '20190924'
+      REVISION = '20190930'
      # View and manage your data across Google Cloud Platform services
      AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
--- a/generated/google/apis/servicebroker_v1beta1/service.rb
+++ b/generated/google/apis/servicebroker_v1beta1/service.rb
@ -841,6 +841,7 @@ module Google
        # Sets the access control policy on the specified resource. Replaces any
        # existing policy.
        # Can return Public Errors: NOT_FOUND, INVALID_ARGUMENT and PERMISSION_DENIED
        # @param [String] resource
        #   REQUIRED: The resource for which the policy is being specified.
        #   See the operation documentation for the appropriate value for this field.
--- a/generated/google/apis/servicemanagement_v1.rb
+++ b/generated/google/apis/servicemanagement_v1.rb
@ -27,7 +27,7 @@ module Google
    # @see https://cloud.google.com/service-management/
    module ServicemanagementV1
      VERSION = 'V1'
-      REVISION = '20190920'
+      REVISION = '20190927'
      # View and manage your data across Google Cloud Platform services
      AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
--- a/generated/google/apis/servicemanagement_v1/classes.rb
+++ b/generated/google/apis/servicemanagement_v1/classes.rb
@ -2406,6 +2406,15 @@ module Google
        # @return [String]
        attr_accessor :metric_kind
        # Read-only. If present, then a time
        # series, which is identified partially by
        # a metric type and a MonitoredResourceDescriptor, that is associated
        # with this metric type can only be associated with one of the monitored
        # resource types listed here.
        # Corresponds to the JSON property `monitoredResourceTypes`
        # @return [Array<String>]
        attr_accessor :monitored_resource_types
        # The resource name of the metric descriptor.
        # Corresponds to the JSON property `name`
        # @return [String]
@ -2496,6 +2505,7 @@ module Google
          @launch_stage = args[:launch_stage] if args.key?(:launch_stage)
          @metadata = args[:metadata] if args.key?(:metadata)
          @metric_kind = args[:metric_kind] if args.key?(:metric_kind)
          @monitored_resource_types = args[:monitored_resource_types] if args.key?(:monitored_resource_types)
          @name = args[:name] if args.key?(:name)
          @type = args[:type] if args.key?(:type)
          @unit = args[:unit] if args.key?(:unit)
@ -2514,8 +2524,7 @@ module Google
        # @return [String]
        attr_accessor :ingest_delay
-        # Deprecated. Please use the MetricDescriptor.launch_stage instead.
+        # Deprecated. Must use the MetricDescriptor.launch_stage instead.
        # The launch stage of the metric definition.
        # Corresponds to the JSON property `launchStage`
        # @return [String]
        attr_accessor :launch_stage
@ -3054,7 +3063,7 @@ module Google
      # `
      # "bindings": [
      # `
-      # "role": "role/resourcemanager.organizationAdmin",
+      # "role": "roles/resourcemanager.organizationAdmin",
      # "members": [
      # "user:mike@example.com",
      # "group:admins@example.com",
@ -3879,7 +3888,7 @@ module Google
        # `
        # "bindings": [
        # `
-        # "role": "role/resourcemanager.organizationAdmin",
+        # "role": "roles/resourcemanager.organizationAdmin",
        # "members": [
        # "user:mike@example.com",
        # "group:admins@example.com",
--- a/generated/google/apis/servicemanagement_v1/representations.rb
+++ b/generated/google/apis/servicemanagement_v1/representations.rb
@ -1054,6 +1054,7 @@ module Google
          property :metadata, as: 'metadata', class: Google::Apis::ServicemanagementV1::MetricDescriptorMetadata, decorator: Google::Apis::ServicemanagementV1::MetricDescriptorMetadata::Representation
          property :metric_kind, as: 'metricKind'
          collection :monitored_resource_types, as: 'monitoredResourceTypes'
          property :name, as: 'name'
          property :type, as: 'type'
          property :unit, as: 'unit'