run npm generate --use-cache

googleapis · Feb 18, 2021 · 59f2f97 · 59f2f97
1 parent 742dc32
commit 59f2f97
Show file tree

Hide file tree

Showing 674 changed files with 266,453 additions and 50,775 deletions.
diff --git a/discovery/accesscontextmanager-v1.json b/discovery/accesscontextmanager-v1.json
@@ -943,7 +943,7 @@
       }
     }
   },
-  "revision": "20200927",
+  "revision": "20210131",
   "rootUrl": "https://accesscontextmanager.googleapis.com/",
   "schemas": {
     "AccessLevel": {
@@ -996,6 +996,24 @@
       },
       "type": "object"
     },
+    "ApiOperation": {
+      "description": "Identification for an API Operation.",
+      "id": "ApiOperation",
+      "properties": {
+        "methodSelectors": {
+          "description": "API methods or permissions to allow. Method or permission must belong to the service specified by `service_name` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `service_name`.",
+          "items": {
+            "$ref": "MethodSelector"
+          },
+          "type": "array"
+        },
+        "serviceName": {
+          "description": "The name of the API whose methods or permissions the IngressPolicy or EgressPolicy want to allow. A single ApiOperation with `service_name` field set to `*` will allow all methods AND permissions for all services.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "BasicLevel": {
       "description": "`BasicLevel` is an `AccessLevel` using a set of recommended features.",
       "id": "BasicLevel",
@@ -1171,6 +1189,72 @@
       },
       "type": "object"
     },
+    "EgressFrom": {
+      "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions based on information about the source of the request. Note that if the destination of the request is protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.",
+      "id": "EgressFrom",
+      "properties": {
+        "identities": {
+          "description": "A list of identities that are allowed access through this [EgressPolicy]. Should be in the format of email address. The email address should represent individual user or service account only.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "identityType": {
+          "description": "Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.",
+          "enum": [
+            "IDENTITY_TYPE_UNSPECIFIED",
+            "ANY_IDENTITY",
+            "ANY_USER_ACCOUNT",
+            "ANY_SERVICE_ACCOUNT"
+          ],
+          "enumDescriptions": [
+            "No blanket identity group specified.",
+            "Authorize access from all identities outside the perimeter.",
+            "Authorize access from all human users outside the perimeter.",
+            "Authorize access from all service accounts outside the perimeter."
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "EgressPolicy": {
+      "description": "Policy for egress from perimeter. EgressPolicies match requests based on `egress_from` and `egress_to` stanzas. For an EgressPolicy to match, both `egress_from` and `egress_to` stanzas must be matched. If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter boundary. For example, an EgressPolicy can be used to allow VMs on networks within the ServicePerimeter to access a defined set of projects outside the perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket or query against a BigQuery dataset). EgressPolicies are concerned with the *resources* that a request relates as well as the API services and API actions being used. They do not related to the direction of data movement. More detailed documentation for this concept can be found in the descriptions of EgressFrom and EgressTo.",
+      "id": "EgressPolicy",
+      "properties": {
+        "egressFrom": {
+          "$ref": "EgressFrom",
+          "description": "Defines conditions on the source of a request causing this EgressPolicy to apply."
+        },
+        "egressTo": {
+          "$ref": "EgressTo",
+          "description": "Defines the conditions on the ApiOperation and destination resources that cause this EgressPolicy to apply."
+        }
+      },
+      "type": "object"
+    },
+    "EgressTo": {
+      "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the `resources` specified. Note that if the destination of the request is protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.",
+      "id": "EgressTo",
+      "properties": {
+        "operations": {
+          "description": "A list of ApiOperations that this egress rule applies to. A request matches if it contains an operation/service in this list.",
+          "items": {
+            "$ref": "ApiOperation"
+          },
+          "type": "array"
+        },
+        "resources": {
+          "description": "A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If `*` is specified for resources, then this EgressTo rule will authorize access to all resources outside the perimeter.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
     "Empty": {
       "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.",
       "id": "Empty",
@@ -1222,6 +1306,94 @@
       },
       "type": "object"
     },
+    "IngressFrom": {
+      "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the source of the request.",
+      "id": "IngressFrom",
+      "properties": {
+        "identities": {
+          "description": "A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "identityType": {
+          "description": "Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.",
+          "enum": [
+            "IDENTITY_TYPE_UNSPECIFIED",
+            "ANY_IDENTITY",
+            "ANY_USER_ACCOUNT",
+            "ANY_SERVICE_ACCOUNT"
+          ],
+          "enumDescriptions": [
+            "No blanket identity group specified.",
+            "Authorize access from all identities outside the perimeter.",
+            "Authorize access from all human users outside the perimeter.",
+            "Authorize access from all service accounts outside the perimeter."
+          ],
+          "type": "string"
+        },
+        "sources": {
+          "description": "Sources that this IngressPolicy authorizes access from.",
+          "items": {
+            "$ref": "IngressSource"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "IngressPolicy": {
+      "description": "Policy for ingress into ServicePerimeter. IngressPolicies match requests based on `ingress_from` and `ingress_to` stanzas. For an ingress policy to match, both the `ingress_from` and `ingress_to` stanzas must be matched. If an IngressPolicy matches a request, the request is allowed through the perimeter boundary from outside the perimeter. For example, access from the internet can be allowed either based on an AccessLevel or, for traffic hosted on Google Cloud, the project of the source network. For access from private networks, using the project of the hosting network is required. Individual ingress policies can be limited by restricting which services and/or actions they match using the `ingress_to` field.",
+      "id": "IngressPolicy",
+      "properties": {
+        "ingressFrom": {
+          "$ref": "IngressFrom",
+          "description": "Defines the conditions on the source of a request causing this IngressPolicy to apply."
+        },
+        "ingressTo": {
+          "$ref": "IngressTo",
+          "description": "Defines the conditions on the ApiOperation and request destination that cause this IngressPolicy to apply."
+        }
+      },
+      "type": "object"
+    },
+    "IngressSource": {
+      "description": "The source that IngressPolicy authorizes access from.",
+      "id": "IngressSource",
+      "properties": {
+        "accessLevel": {
+          "description": "An AccessLevel resource name that allow resources within the ServicePerimeters to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If `*` is specified, then all IngressSources will be allowed.",
+          "type": "string"
+        },
+        "resource": {
+          "description": "A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. Currently only projects are allowed. Format: `projects/{project_number}` The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "IngressTo": {
+      "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the destination of the request.",
+      "id": "IngressTo",
+      "properties": {
+        "operations": {
+          "description": "A list of ApiOperations the sources specified in corresponding IngressFrom are allowed to perform in this ServicePerimeter.",
+          "items": {
+            "$ref": "ApiOperation"
+          },
+          "type": "array"
+        },
+        "resources": {
+          "description": "A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding IngressFrom. A request matches if it contains a resource in this list. If `*` is specified for resources, then this IngressTo rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
     "ListAccessLevelsResponse": {
       "description": "A response to `ListAccessLevelsRequest`.",
       "id": "ListAccessLevelsResponse",
@@ -1312,6 +1484,21 @@
       },
       "type": "object"
     },
+    "MethodSelector": {
+      "description": "An allowed method or permission of a service specified in ApiOperation.",
+      "id": "MethodSelector",
+      "properties": {
+        "method": {
+          "description": "Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are allowed.",
+          "type": "string"
+        },
+        "permission": {
+          "description": "Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "Operation": {
       "description": "This resource represents a long-running operation that is the result of a network API call.",
       "id": "Operation",
@@ -1502,6 +1689,20 @@
           },
           "type": "array"
         },
+        "egressPolicies": {
+          "description": "List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge.",
+          "items": {
+            "$ref": "EgressPolicy"
+          },
+          "type": "array"
+        },
+        "ingressPolicies": {
+          "description": "List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any Ingress Policy grants it. Must be empty for a perimeter bridge.",
+          "items": {
+            "$ref": "IngressPolicy"
+          },
+          "type": "array"
+        },
         "resources": {
           "description": "A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: `projects/{project_number}`",
           "items": {

diff --git a/discovery/adexchangebuyer2-v2beta1.json b/discovery/adexchangebuyer2-v2beta1.json
@@ -2500,7 +2500,7 @@
       }
     }
   },
-  "revision": "20201202",
+  "revision": "20210217",
   "rootUrl": "https://adexchangebuyer.googleapis.com/",
   "schemas": {
     "AbsoluteDateRange": {
@@ -4611,16 +4611,20 @@
             "SENSITIVE_CATEGORY",
             "PRODUCT_CATEGORY",
             "DISAPPROVAL_REASON",
-            "POLICY_TOPIC"
+            "POLICY_TOPIC",
+            "ATP_VENDOR",
+            "VENDOR_DOMAIN"
           ],
           "enumDescriptions": [
             "A placeholder for an undefined status. This value will never be returned in responses.",
             "Indicates that the detail ID refers to a creative attribute; see [publisher-excludable-creative-attributes](https://developers.google.com/authorized-buyers/rtb/downloads/publisher-excludable-creative-attributes).",
-            "Indicates that the detail ID refers to a vendor; see [vendors](https://developers.google.com/authorized-buyers/rtb/downloads/vendors).",
+            "Indicates that the detail ID refers to a vendor; see [vendors](https://developers.google.com/authorized-buyers/rtb/downloads/vendors). This namespace is different from that of the `ATP_VENDOR` detail type.",
             "Indicates that the detail ID refers to a sensitive category; see [ad-sensitive-categories](https://developers.google.com/authorized-buyers/rtb/downloads/ad-sensitive-categories).",
             "Indicates that the detail ID refers to a product category; see [ad-product-categories](https://developers.google.com/authorized-buyers/rtb/downloads/ad-product-categories).",
             "Indicates that the detail ID refers to a disapproval reason; see DisapprovalReason enum in [snippet-status-report-proto](https://developers.google.com/authorized-buyers/rtb/downloads/snippet-status-report-proto).",
-            "Indicates that the detail ID refers to a policy topic."
+            "Indicates that the detail ID refers to a policy topic.",
+            "Indicates that the detail ID refers to an ad technology provider (ATP); see [providers] (https://storage.googleapis.com/adx-rtb-dictionaries/providers.csv). This namespace is different from the `VENDOR` detail type; see [ad technology providers](https://support.google.com/admanager/answer/9012903) for more information.",
+            "Indicates that the detail string refers the domain of an unknown vendor."
           ],
           "type": "string"
         },

diff --git a/discovery/admin-datatransfer_v1.json b/discovery/admin-datatransfer_v1.json
@@ -145,7 +145,7 @@
           "parameterOrder": [],
           "parameters": {
             "customerId": {
-              "description": "Immutable ID of the Google Apps account.",
+              "description": "Immutable ID of the Google Workspace account.",
               "location": "query",
               "type": "string"
             },
@@ -227,7 +227,7 @@
           "parameterOrder": [],
           "parameters": {
             "customerId": {
-              "description": "Immutable ID of the Google Apps account.",
+              "description": "Immutable ID of the Google Workspace account.",
               "location": "query",
               "type": "string"
             },
@@ -272,7 +272,7 @@
       }
     }
   },
-  "revision": "20201124",
+  "revision": "20210216",
   "rootUrl": "https://admin.googleapis.com/",
   "schemas": {
     "Application": {